Sample records for biometric authentication systems

A biometricauthenticationsystem acquires biometric sample such as fingerprint. The fingerprint signifies physiological features of an individual.This is a system which maintains the attendance records of students automatically. In this designing of an efficient module that comprises of a fingerprint sensor to manage the attendance records of students. This module enrolls the student’s as well as staff’s fingerprints. This enrolling is a onetime process and their fingerprints will be stored...

As biometric recognition techniques are gradually improved, the stability of biometricauthenticationsystems are enhanced. Although bioinformation has properties that make it resistant to fraud, biometricauthenticationsystems are not immune to hacking. We show a secure biometricauthenticationsystem (1) to guarantee the integrity of biometric information by mixing data by use of a biometric key and (2) to raise recognition rates by use of bimodal biometrics.

We propose a secure, robust, and low-cost biometricauthenticationsystem on the mobile personal device for the personal network. The system consists of the following five key modules: 1) face detection; 2) face registration; 3) illumination normalization; 4) face verification; and 5) information

In biometric privacy-preserving authenticationsystems that are based on key-binding, two terminals observe two correlated biometric sequences. The first terminal selects a secret key, which is independent of the biometric data, binds this secret key to the observed biometric sequence and

International audience; Despite the obvious advantages of biometricauthenticationsystems over traditional security ones (based on tokens or passwords), they are vulnerable to attacks which may considerably decrease their security. In order to contribute in resolving such problematic, we propose a modality-independent evaluation methodology for the security evaluation of biometricsystems. It is based on the use of a database of common threats and vulnerabilities of biometricsystems, and th...

A major concern nowadays for any Biometric Credential Management System is its potential vulnerability to protect its information sources; i.e. protecting a genuine user’s template from both internal and external threats. These days’ biometricauthenticationsystems face various risks. One of the most serious threats is the ulnerability of the template's database. An attacker with access to a reference template could try to impersonate a legitimate user by reconstructing the biometric sample...

Robust personal authentication is becoming ever more important in computer-based applications. Among a variety of methods, biometric offers several advantages, mainly in embedded system applications. Hard and soft multi-biometric, combined with hard and soft computing methods, can be applied to improve the personal authentication process and to generalize the applicability. This chapter describes the embedded implementation of a multi-biometric (voiceprint and fingerprint) multimodal identification system based on hard computing methods (DSP) for feature extraction and matching, an artificial neural network (ANN) for soft feature pattern matching, and a fuzzy logic engine (FLE) for data fusion and decision.

In recent years the need for greater security for storing personal and business data or accessing corporate networks on mobile devices is growing rapidly, and one of the potential solutions is to employ the innovative biometricauthentication techniques. This paper presents the development...... and present a mobile prototype system capable of authenticating users based on the uniqueness of their brainwaves. Furthermore, we implement a novel authentication process, which leads the authenticationsystem to be more secure. We also give suggestions for future improvements of the system....

The goal of this thesis is to introduce the main aspects of biometry, explain particular methods of biometric analysis and determine suitable methods for using in particular authenticationsystem by multicriterial analysis. Our criteria for method analysis are: uniqueness, universality, public acceptability and policy consideration, resistence of fraud, accuracy, speed of comparison, template storage requirements, constancy of human biometric characters. The thesis deals with the effective us...

This paper proposes a spectroscopic method and system for preventing spoofing of biometricauthentication. One of its focus is to enhance biometricsauthentication with a spectroscopic method in a multifactor manner such that a person's unique ‘spectral signatures’ or ‘spectral factors’ are recorded and compared in addition to a non-spectroscopic biometric signature to reduce the likelihood of imposter getting authenticated. By using the ‘spectral factors’ extracted from reflectance spectra of real fingers and employing cluster analysis, it shows how the authentic fingerprint image presented by a real finger can be distinguished from an authentic fingerprint image embossed on an artificial finger, or molded on a fingertip cover worn by an imposter. This paper also shows how to augment two widely used biometricssystems (fingerprint and iris recognition devices) with spectral biometrics capabilities in a practical manner and without creating much overhead or inconveniencing their users.

The physiological and behavioral trait is employed to develop biometricauthenticationsystems. The proposed work deals with the authentication of iris and signature based on minimum variance criteria. The iris patterns are preprocessed based on area of the connected components. The segmented image used for authentication consists of the region with large variations in the gray level values. The image region is split into quadtree components. The components with minimum variance are determine...

In this paper we analyze two types of biometric identification systems with protected templates that also support authentication. In the first system two terminals observe biometric enrollment and identification sequences of a number of individuals. It is the goal of these terminals to form a common

Full Text Available Abstract With the fast increasing of the electronic crimes and their related issues deploying a reliable user authenticationsystem became a significant task for both of access control and securing users private data. Human biometric characteristics such as face finger iris scanning voice signature and other features provide a dependable security level for both of the personal and the public use. Many biometricauthenticationsystems have been approached for long time. Due to the uniqueness of human biometrics witch played a master role in degrading imposters attacks. Such authentication models have overcome other traditional security methods like passwords and PIN. This paper aims to briefly address the psychological biometricauthentication techniques. Also a brief summary to the advantages disadvantages and future developments of each method is provided in this paper.

Major biometric methods used for identification and authentication purposes in modern computing systems are considered in the article. Basic classification, application areas and key differences are given.

Authenticated key agreements for telecare medicine information systems provide patients, doctors, nurses and health visitors with accessing medical information systems and getting remote services efficiently and conveniently through an open network. In order to have higher security, many authenticated key agreement schemes appended biometric keys to realize identification except for using passwords and smartcards. Due to too many transmissions and computational costs, these authenticated key agreement schemes are inefficient in communication and computation. This investigation develops two secure and efficient authenticated key agreement schemes for telecare medicine information systems by using biometric key and extended chaotic maps. One scheme is synchronization-based, while the other nonce-based. Compared to related approaches, the proposed schemes not only retain the same security properties with previous schemes, but also provide users with privacy protection and have fewer transmissions and lower computational cost.

Full Text Available An emerging direction for authenticating people is the adoption of biometricauthenticationsystems. Biometric credentials are becoming increasingly popular as a means of authenticating people due to the wide range of advantages that they provide with respect to classical authentication methods (e.g., password-based authentication. The most characteristic feature of this authentication method is the naturally strong bond between a user and her biometric credentials. This very same advantageous property, however, raises serious security and privacy concerns in case the biometric trait gets compromised. In this article, we present the most challenging issues that need to be taken into consideration when designing secure and privacy-preserving biometricauthentication protocols. More precisely, we describe the main threats against privacy-preserving biometricauthenticationsystems and give directions on possible countermeasures in order to design secure and privacy-preserving biometricauthentication protocols.

Full Text Available Perfectly segmenting the area of the iris is one of the most important steps in iris recognition. There are several problematic areas that affect the accuracy of the iris segmentation step, such as eyelids, eyelashes, glasses, pupil (due to less accurate iris segmentation, motion blur, and lighting and specular reflections. To solve these problems, gradient magnitude and Fourier descriptor are employed to do iris segmentation in the proposed Multimodal BiometricAuthenticationSystem (MBAS. This approach showed quite promising results, i.e. an accuracy rate of 97%. The result of the iris recognition system was combined with the result of an open-source fingerprint recognition system to develop a multimodal biometricsauthenticationsystem. The results of the fusion between iris and fingerprint authentication were 99% accurate. Data from Multimedia Malaysia University (MMUI and our own prepared database, the SGU-MB-1 dataset, were used to test the accuracy of the proposed system.

This paper examines the problem of providing a robust non-invasive authentication service for mobile users in a smart environment. We base our work on the persistent authentication model (PAISE), which relies on available sensors to track principals from the location where they authenticate, e.......g., through a smart card based access control system, to the location where the authentication is required by a location-based service. The PAISE model is extended with remote biometrics to prevent the decay of authentication confidence when authenticated users encounter and interact with other users...... in the environment. The result is a calm approach to authentication, where mobile users are transparently authenticated towards the system, which allows the provision of location-based services. The output of the remote biometrics are fused using error-rate-based fusion to solve a common problem that occurs in score...

Part 12: Authentication and Delegation; International audience; The potential advantages of behavioural biometrics are that they can be utilised in a transparent (non-intrusive) and continuous authenticationsystem. However, individual biometric techniques are not suited to all users and scenarios. One way to increase the reliability of transparent and continuous authenticationsystems is create a multi-modal behavioural biometricauthenticationsystem. This research investigated three behavi...

This paper will propose a wolf attack probability (WAP) as a new measure for evaluating security of biometricauthenticationsystems. The wolf attack is an attempt to impersonate a victim by feeding “wolves” into the system to be attacked. The “wolf” means an input value which can be falsely accepted as a match with multiple templates. WAP is defined as a maximum success probability of the wolf attack with one wolf sample. In this paper, we give a rigorous definition of the new security measure which gives strength estimation of an individual biometricauthenticationsystem against impersonation attacks. We show that if one reestimates using our WAP measure, a typical fingerprint algorithm turns out to be much weaker than theoretically estimated by Ratha et al. Moreover, we apply the wolf attack to a finger-vein-pattern based algorithm. Surprisingly, we show that there exists an extremely strong wolf which falsely matches all templates for any threshold value.

Telecare medical information system (TMIS) offers healthcare delivery services and patients can acquire their desired medical services conveniently through public networks. The protection of patients' privacy and data confidentiality are significant. Very recently, Mishra et al. proposed a biometrics-based authentication scheme for telecare medical information system. Their scheme can protect user privacy and is believed to resist a range of network attacks. In this paper, we analyze Mishra et al.'s scheme and identify that their scheme is insecure to against known session key attack and impersonation attack. Thereby, we present a modified biometrics-based authentication scheme for TMIS to eliminate the aforementioned faults. Besides, we demonstrate the completeness of the proposed scheme through BAN-logic. Compared to the related schemes, our protocol can provide stronger security and it is more practical.

Full Text Available In this paper we will present some schemes for strengthening network authentification over insecure channels with biometric concepts or how to securely transfer or use biometric characteristics as cryptographic keys. We will show why some current authentification schemes are insufficient and we will present our concepts of biometric hashes and authentification that rely on unimodal and multimodal biometrics. Our concept can be applied on any biometric authentification scheme and is universal for all systems.

We implement a biometricauthenticationsystem on the Android platform, which is based on text-dependent speaker recognition. The Android version used in the application is Android 4.0. The application makes use of the Modular Audio Recognition Framework, from which many of the algorithms are adapted in the processes of preprocessing and feature extraction. In addition, we employ the Dynamic Time Warping (DTW) algorithm for the comparison of different voice features. A training procedure is i...

We explore whether a classifier can consistent1y verify c1ients and interact with the computer using camera and behavior of users. In this paper we propose a new way of authentication of user which wi1l capture many images of user in random time and ana1ysis of its touch biometric behavior. In this system experiment the touch conduct of a c1ient/user between an en1istment stage is stored in the database and it is checked its mean time behavior during equa1 partition of time. This touch behavior wi1l ab1e to accept or reject the user. This wi1l modify the use of biometric more accurate to use. In this system the work p1an going to perform is the user wi1l ask single time to a1low to take it picture before 1ogin. Then it wi1l take images of user without permission of user automatica1ly and store in the database. This images and existing image of user wi1l be compare and reject or accept wi1l depend on its comparison. The user touch behavior wi1l keep storing with number of touch make in equa1 amount of time of the user. This touch behavior and image wi1l fina1ly perform authentication of the user automatically.

Recently, Awasthi and Srivastava proposed a novel biometric remote user authentication scheme for the telecare medicine information system (TMIS) with nonce. Their scheme is very efficient as it is based on efficient chaotic one-way hash function and bitwise XOR operations. In this paper, we first analyze Awasthi-Srivastava's scheme and then show that their scheme has several drawbacks: (1) incorrect password change phase, (2) fails to preserve user anonymity property, (3) fails to establish a secret session key beween a legal user and the server, (4) fails to protect strong replay attack, and (5) lacks rigorous formal security analysis. We then a propose a novel and secure biometric-based remote user authentication scheme in order to withstand the security flaw found in Awasthi-Srivastava's scheme and enhance the features required for an idle user authentication scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks, including the replay and man-in-the-middle attacks. Our scheme is also efficient as compared to Awasthi-Srivastava's scheme.

The telecare medical information systems (TMISs) enable patients to conveniently enjoy telecare services at home. The protection of patient's privacy is a key issue due to the openness of communication environment. Authentication as a typical approach is adopted to guarantee confidential and authorized interaction between the patient and remote server. In order to achieve the goals, numerous remote authentication schemes based on cryptography have been presented. Recently, Arshad et al. (J Med Syst 38(12): 2014) presented a secure and efficient three-factor authenticated key exchange scheme to remedy the weaknesses of Tan et al.'s scheme (J Med Syst 38(3): 2014). In this paper, we found that once a successful off-line password attack that results in an adversary could impersonate any user of the system in Arshad et al.'s scheme. In order to thwart these security attacks, an enhanced biometric and smart card based remote authentication scheme for TMISs is proposed. In addition, the BAN logic is applied to demonstrate the completeness of the enhanced scheme. Security and performance analyses show that our enhanced scheme satisfies more security properties and less computational cost compared with previously proposed schemes.

The need for accurate authentication in the current IT world is of utmost importance. Users rely on current IT technologies to facilitate in day to day interactions with nearly all environments. Strong authentication technologies like the various biometric technologies have been in existence for many years. Many of these technologies, for instance fingerprint biometrics, have reached maturity. However, passwords and pins are still the most commonly used authentication mechanisms at this stage. An average user has to be authenticated in various situations during daily interaction with his or her environment, by means of a pin or a password. This results in many different passwords and pins that the user has to remember. The user will eventually either start documenting these passwords and pins, or often, simply use the same password and pin for all authentication situations.

Helper data systems mitigate the risk that biometric templates are stolen from a biometric data base. Yet, current systems face the drawback that strong Error Correction is needed in order to mitigate variations in the measured biometric during verification. Error correction codes are not always

Telecare medicine information systems (TMIS) present the platform to deliver clinical service door to door. The technological advances in mobile computing are enhancing the quality of healthcare and a user can access these services using its mobile device. However, user and Telecare system communicate via public channels in these online services which increase the security risk. Therefore, it is required to ensure that only authorized user is accessing the system and user is interacting with the correct system. The mutual authentication provides the way to achieve this. Although existing schemes are either vulnerable to attacks or they have higher computational cost while an scalable authentication scheme for mobile devices should be secure and efficient. Recently, Awasthi and Srivastava presented a biometric based authentication scheme for TMIS with nonce. Their scheme only requires the computation of the hash and XOR functions.pagebreak Thus, this scheme fits for TMIS. However, we observe that Awasthi and Srivastava's scheme does not achieve efficient password change phase. Moreover, their scheme does not resist off-line password guessing attack. Further, we propose an improvement of Awasthi and Srivastava's scheme with the aim to remove the drawbacks of their scheme.

Full Text Available Human Monitoring and Authentication using Biodynamic Indicators and Behavioural Analysis (HUMABIO (2007 is an EU Specific Targeted Research Project (STREP where new types of biometrics are combined with state of the art sensorial technologies in order to enhance security in a wide spectrum of applications. The project aims to develop a modular, robust, multimodal biometrics security authentication and monitoring system which utilizes a biodynamic physiological profile, unique for each individual, and advancements of the state-of-the art in behavioural and other biometrics, such as face, speech, gait recognition, and seat-based anthropometrics. Several shortcomings in biometricauthentication will be addressed in the course of HUMABIO which will provide the basis for improving existing sensors, develop new algorithms, and design applications, towards creating new, unobtrusive biometricauthentication procedures in security sensitive, controlled environments. This paper presents the concept of this project, describes its unobtrusive authentication demonstrator, and reports some preliminary results.

Biometricauthentication is the process of establishing an individual’s identity through measurable characteristics of their behaviour, anatomy or physiology. Biometric technologies, such as fingerprint systems, are increasingly being used in a diverse range of contexts from immigration control, to banking and personal computing. As is often the case with emerging technologies, the usability aspects of system design have received less attention than technical aspects. Fingerprint systems pose a number of challenges for users and past research has identified issues with correct finger placement, system feedback and instruction. This paper describes the development of an interface for fingerprint systems using an iterative, participative design approach. During this process, several different methods for the presentation of instruction and feedback were identified. The different types of instruction and feedback were tested in a study involving 82 participants. The results showed that feedback had a statistically significant effect on overall system performance, but instruction did not. The design recommendations emerging from this study, and the use of participatory design in this context, are discussed.

Biometric Technologies and Verification Systems is organized into nine parts composed of 30 chapters, including an extensive glossary of biometric terms and acronyms. It discusses the current state-of-the-art in biometric verification/authentication, identification and system design principles. It also provides a step-by-step discussion of how biometrics works; how biometric data in human beings can be collected and analyzed in a number of ways; how biometrics are currently being used as a method of personal identification in which people are recognized by their own unique corporal or behavior

Full Text Available ABSTRACT The fingerprint, knuckle print and the retina are used to authenticate a person accurately because of the permanence in the features. These three biometric traits are fused for better security. The fingerprint and knuckle print images are pre-processed by morphological techniques and the features are extracted from the normalized image using gabor filter. The retinal image is converted to gray image and pre-processing is done using top hat and bottom hat filtering. Blood vessels are segmented and the features are extracted by locating the optic disk as the centre point. The extracted features from the fingerprint, knuckle print and the retina are fused together as one template and stored in the data base for authentication purpose, thus reducing the space and time complexity.

The Telecare Medicine Information Systems (TMISs) provide an efficient communicating platform supporting the patients access health-care delivery services via internet or mobile networks. Authentication becomes an essential need when a remote patient logins into the telecare server. Recently, many extended chaotic maps based authentication schemes using smart cards for TMISs have been proposed. Li et al. proposed a secure smart cards based authentication scheme for TMISs using extended chaotic maps based on Lee's and Jiang et al.'s scheme. In this study, we show that Li et al.'s scheme has still some weaknesses such as violation the session key security, vulnerability to user impersonation attack and lack of local verification. To conquer these flaws, we propose a chaotic maps and smart cards based password authentication scheme by applying biometrics technique and hash function operations. Through the informal and formal security analyses, we demonstrate that our scheme is resilient possible known attacks including the attacks found in Li et al.'s scheme. As compared with the previous authentication schemes, the proposed scheme is more secure and efficient and hence more practical for telemedical environments.

For applications like Terrorist Watch Lists and Smart Guns, a false rejection is more critical than a false acceptance. In this paper a new threat model focusing on false rejections is presented, and the 'standard' architecture of a biometricsystem is extended by adding components like crypto,

For applications like Terrorist Watch Lists and Smart Guns, a false rejection is more critical than a false acceptance. In this paper a new threat model focusing on false rejections is presented, and the standard architecture of a biometricsystem is extended by adding components like crypto, audit

Full Text Available The traditional ATM terminal customer recognition systems rely only on bank cards, passwords and such identity verification methods are not perfect and functions are too single. Biometrics-based authentication offers several advantages over other authentication methods, there has been a significant surge in the use of biometrics for user authentication in recent years. This paper presents a highly secured ATM banking system using biometricauthentication and wavelet based Advanced Encryption Standard (AES algorithm. Two levels of security are provided in this proposed design. Firstly we consider the security level at the client side by providing biometricauthentication scheme along with a password of 4-digit long. Biometricauthentication is achieved by considering the fingerprint image of the client. Secondly we ensure a secured communication link between the client machine to the bank server using an optimized energy efficient and wavelet based AES processor. The fingerprint image is the data for encryption process and 4-digit long password is the symmetric key for the encryption process. The performance of ATM machine depends on ultra-high-speed encryption, very low power consumption, and algorithmic integrity. To get a low power consuming and ultra-high speed encryption at the ATM machine, an optimized and wavelet based AES algorithm is proposed. In this systembiometric and cryptography techniques are used together for personal identity authentication to improve the security level. The design of the wavelet based AES processor is simulated and the design of the energy efficient AES processor is simulated in Quartus-II software. Simulation results ensure its proper functionality. A comparison among other research works proves its superiority.

In this report, we present a method using the capillary structuresunder the "distal interphalangeal joint" (DIP joint), which is located between the second and third (distal) phalanges of the finger, for achieving secure biometricauthentication. Images of the DIPjoint are acquired using a

Secure access is prerequisite for a mobile personal device (MPD) in a personal network (PN). An authentication method using biometrics, specifically face, is proposed in this paper. A fast face detection and registration method based on a Viola-Jones detector is implemented, and a

Full Text Available Security is a major concern for everyone be it individuals or organizations. As the nature of information systems is becoming distributed securing them is becoming difficult as well. New applications are developed by researchers and developers to counter security issues but as soon as the application is released new attacks are formed to bypass the application. Kerberos is an authentication protocol which helps in to verify and validate a user to a server. As it is a widely used protocol minimizing or preventing the password attack is important. In this research we have analyzed the Kerberos protocol and suggested some ideas which can be considered while updating Kerberos to prevent the password attack. In the proposed solution we are suggesting to use password and biometric technique while registering on the network to enjoy the services and a combination of cryptography and steganography technique while communicating back to the user.

Unobtrusive Authentication Using ACTIvity-Related and Soft BIOmetrics (ACTIBIO) is an EU Specific Targeted Research Project (STREP) where new types of biometrics are combined with state-of-the-art unobtrusive technologies in order to enhance security in a wide spectrum of applications. The project aims to develop a modular, robust, multimodal biometrics security authentication and monitoring system, which uses a biodynamic physiological profile, unique for each individual, and advancements of the state of the art in unobtrusive behavioral and other biometrics, such as face, gait recognition, and seat-based anthropometrics. Several shortcomings of existing biometric recognition systems are addressed within this project, which have helped in improving existing sensors, in developing new algorithms, and in designing applications, towards creating new, unobtrusive, biometricauthentication procedures in security-sensitive, Ambient Intelligence environments. This paper presents the concept of the ACTIBIO project and describes its unobtrusive authentication demonstrator in a real scenario by focusing on the vision-based biometric recognition modalities.

Nowadays, replacing traditional authentication methods with authentication and authorization infrastructures (AAIs) comes down to trading several passwords for one master password, which allows users to access all services in a federation. Having only one password may be comfortable for the user, but it also raises the interest of potential impostors, who may try to overcome the weak security that a single password provides. A solution to this issue would be a more-factor AAI, combining the p...

Full Text Available Mobile devices such as smartphones have until now been protected by traditional authentication methods, including passwords or pattern locks. These authentication mechanisms are difficult to remember and are often disabled, leaving the device vulnerable if stolen. This paper investigates the possibility of unobtrusive, continuous authentication for smartphones based on biometric data collected using a touchscreen. The possibility of authenticating users on a smartphone was evaluated by conducting an experiment simulating real-world touch interaction. Touch data was collected from 30 participants during normal phone use. The touch features were analysed in terms of the information provided for authentication. It was found that features such as finger pressure, location of touch interaction and shape of the finger were important discriminators for authentication. The touch data was also analysed using two classification algorithms to measure the authentication accuracy. The results show that touch data is sufficiently distinct between users to be used in authentication without disrupting normal touch interaction. It is also shown that the raw touch data was more effective in authentication than the aggregated gesture data.

Recently, numerous extended chaotic map-based password authentication schemes that employ smart card technology were proposed for Telecare Medical Information Systems (TMISs). In 2015, Lu et al. used Li et al.'s scheme as a basis to propose a password authentication scheme for TMISs that is based on biometrics and smart card technology and employs extended chaotic maps. Lu et al. demonstrated that Li et al.'s scheme comprises some weaknesses such as those regarding a violation of the session-key security, a vulnerability to the user impersonation attack, and a lack of local verification. In this paper, however, we show that Lu et al.'s scheme is still insecure with respect to issues such as a violation of the session-key security, and that it is vulnerable to both the outsider attack and the impersonation attack. To overcome these drawbacks, we retain the useful properties of Lu et al.'s scheme to propose a new password authentication scheme that is based on smart card technology and requires the use of chaotic maps. Then, we show that our proposed scheme is more secure and efficient and supports security properties.

Telecare medicine information system (TMIS) offers the patients convenient and expedite healthcare services remotely anywhere. Patient security and privacy has emerged as key issues during remote access because of underlying open architecture. An authentication scheme can verify patient's as well as TMIS server's legitimacy during remote healthcare services. To achieve security and privacy a number of authentication schemes have been proposed. Very recently Lu et al. (J. Med. Syst. 39(3):1-8, 2015) proposed a biometric based three factor authentication scheme for TMIS to confiscate the vulnerabilities of Arshad et al.'s (J. Med. Syst. 38(12):136, 2014) scheme. Further, they emphasized the robustness of their scheme against several attacks. However, in this paper we establish that Lu et al.'s scheme is vulnerable to numerous attacks including (1) Patient anonymity violation attack, (2) Patient impersonation attack, and (3) TMIS server impersonation attack. Furthermore, their scheme does not provide patient untraceability. We then, propose an improvement of Lu et al.'s scheme. We have analyzed the security of improved scheme using popular automated tool ProVerif. The proposed scheme while retaining the plusses of Lu et al.'s scheme is also robust against known attacks.

Security biometrics is a secure alternative to traditional methods of identity verification of individuals, such as authenticationsystems based on user name and password. Recently, it has been found that the electrocardiogram (ECG) signal formed by five successive waves (P, Q, R, S and T) is unique to each individual. In fact, better than any other biometrics' measures, it delivers proof of subject's being alive as extra information which other biometrics cannot deliver. The main purpose of this work is to present a low-cost method for online acquisition and processing of ECG signals for person authentication and to study the possibility of providing additional information and retrieve personal data from an electrocardiogram signal to yield a reliable decision. This study explores the effectiveness of a novel biometricsystem resulting from the fusion of information and knowledge provided by ECG and EMG (Electromyogram) physiological recordings. It is shown that biometrics based on these ECG/EMG signals offers a novel way to robustly authenticate subjects. Five ECG databases (MIT-BIH, ST-T, NSR, PTB and ECG-ID) and several ECG signals collected in-house from volunteers were exploited. A palm-based ECG biometricsystem was developed where the signals are collected from the palm of the subject through a minimally intrusive one-lead ECG set-up. A total of 3750 ECG beats were used in this work. Feature extraction was performed on ECG signals using Fourier descriptors (spectral coefficients). Optimum-Path Forest classifier was used to calculate the degree of similarity between individuals. The obtained results from the proposed approach look promising for individuals' authentication.

This paper reports the phases of study and implementation of a remote biometricauthentication protocol developed during my internship at the I.i.t. of the C.n.r. in Pisa. Starting from the study of authentication history we had a look from the first system used since the 60ies to the latest technology; this helped us understand how we could realize a demonstration working protocol that could achieve a web remote authentication granting good reliability: to do this we choosed to modify the SS...

A nonlinear image encryption scheme using phase-truncated Fourier transform (PTFT) and natural logarithms is proposed in this paper. With the help of the PTFT, the input image is truncated into phase and amplitude parts at the Fourier plane. The phase-only information is kept as the secret key for the decryption, and the amplitude distribution is modulated by adding an undercover amplitude random mask in the encryption process. Furthermore, the encrypted data is kept hidden inside the face biometric-based phase mask key using the base changing rule of logarithms for secure transmission. This phase mask is generated through principal component analysis. Numerical experiments show the feasibility and the validity of the proposed nonlinear scheme. The performance of the proposed scheme has been studied against the brute force attacks and the amplitude-phase retrieval attack. Simulation results are presented to illustrate the enhanced system performance with desired advantages in comparison to the linear cryptosystem.

There is an increasing need for reliable authentication for a number of applications such as e commerce. Common authentication methods based on ownership (ID card) or knowledge factors (password, PIN) are often prone to manipulations and may therefore be not safe enough. Various inherence factor based methods like fingerprint, retinal pattern or voice identifications are considered more secure. Retina scanning in particular offers both low false rejection rate (FRR) and low false acceptance rate (FAR) with about one in a million. Images of the retina with its characteristic pattern of blood vessels can be made with either a fundus camera or laser scanning methods. The present work describes the optical design of a new compact retina laser scanner which is based on MEMS (Micro Electric Mechanical System) technology. The use of a dual axis micro scanning mirror for laser beam deflection enables a more compact and robust design compared to classical systems. The scanner exhibits a full field of view of 10° which corresponds to an area of 4 mm2 on the retinal surface surrounding the optical disc. The system works in the near infrared and is designed for use under ambient light conditions, which implies a pupil diameter of 1.5 mm. Furthermore it features a long eye relief of 30 mm so that it can be conveniently used by persons wearing glasses. The optical design requirements and the optical performance are discussed in terms of spot diagrams and ray fan plots.

Full Text Available New information technologies alongside their benefits also bring new dangers with themselves. It is difficult to decide which authentication tool to use and implement in the information systems and electronic documents. The final decision has to compromise among the facts that it faces several conflicting requirements: highly secure tool, to be a user-friendly and user simplicity method, ensure protection against errors and failures of users, speed of authentication and provide these features for a reasonable price. Even when the compromised solution is found it has to fulfill the given technology standards. For the listed reasons the paper argues one of the most natural biometricauthentication method the dynamic biometric signature and lists its related standards. The paper also includes measurement evaluation which solves the independence between the person’s signature and device on which it was created

Full Text Available In general, the identification and verification are done by passwords, pin number, etc., which is easily cracked by others. In order to overcome this issue biometrics is a unique tool for authenticate an individual person. Nevertheless, unimodal biometric is suffered due to noise, intra class variations, spoof attacks, non-universality and some other attacks. In order to avoid these attacks, the multimodal biometrics i.e. combining of more modalities is adapted. In a biometricauthenticationsystem, the acceptance or rejection of an entity is dependent on the similarity score falling above or below the threshold. Hence this paper has focused on the security of the biometricsystem, because compromised biometric templates cannot be revoked or reissued and also this paper has proposed a multimodal system based on an evolutionary algorithm, Particle Swarm Optimization that adapts for varying security environments. With these two concerns, this paper had developed a design incorporating adaptability, authenticity and security.

Biometricauthentication is an important process for the identification and verification of individuals for security purposes. There are many biometricsystems that are currently in use and also being researched. Tongue print is a new biometricauthentication tool that is unique and cannot be easily forged because no two tongue prints are similar. The present study aims to evaluate the common morphological features of the tongue and its variations in males and females. The usefulness of alginate impression and dental cast in obtaining the lingual impression was also evaluated. The study sample included twenty participants. The participants were subjected to visual examination following which digital photographs of the dorsal surface of the tongue were taken. Alginate impressions of the tongue were made, and casts were prepared using dental stone. The photographs and the casts were analyzed by two observers separately for the surface morphology including shape, presence or absence of fissures and its pattern of distribution. Three reference points were considered to determine the shape of the tongue. The most common morphological feature on the dorsum of the tongue was the presence of central fissures. Multiple vertical fissures were observed in males whereas single vertical fissure was a common finding in females. The fissures were predominantly shallow in males and deep in females. The tongue was predominantly U shaped in males and females. V-shaped tongue was observed in 25% of females. Tongue prints are useful in biometricauthentication. The methodology used in the study is simple, easy and can be adopted by dentists on a regular basis. However, large-scale studies are required to validate the results and also identify other features of the tongue that can be used in forensics and biometricauthentication process.

Biometrics consists of methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. Physicals are related to the shape of the body. Behavioral are related to the behavior of a person. However, biometricauthenticationsystems suffer from imprecision and difficulty in person recognition due to a number of reasons and no single biometrics is expected to effectively satisfy the requirements of all verification and/or identification applications. Bimodal biometricsystems are expected to be more reliable due to the presence of two pieces of evidence and also be able to meet the severe performance requirements imposed by various applications. This paper presents a neural network based bimodal biometric identification system by using human face and handwritten signature features.

Biometricauthenticationsystems can be used to control digital signature of medical documents. This pilot study evaluated the use of two different fingerprint technologies and one iris technology to control creation of digital signatures on a central server using public private key pairs stored on the server. Documents and signatures were stored in XML for portability. Key pairs and authentication certificates were generated during biometric enrollment. Usability and user acceptance were guarded and limitations of biometricsystems prevented use of the system with all test subjects. The system detected alternations in the data content and provided future signer re-authentication for non-repudiation.

A password system comprises a set of codewords spaced apart from one another by a Hamming distance (HD) that exceeds twice the variability that can be projected for a series of biometric measurements for a particular individual and that is less than the HD that can be encountered between two individuals. To enroll an individual, a biometric measurement is taken and exclusive-ORed with a random codeword to produce a "reference value." To verify the individual later, a biometric measurement is taken and exclusive-ORed with the reference value to reproduce the original random codeword or its approximation. If the reproduced value is not a codeword, the nearest codeword to it is found, and the bits that were corrected to produce the codeword to it is found, and the bits that were corrected to produce the codeword are also toggled in the biometric measurement taken and the codeword generated during enrollment. The correction scheme can be implemented by any conventional error correction code such as Reed-Muller code R(m,n). In the implementation using a hand geometry device an R(2,5) code has been used in this invention. Such codeword and biometric measurement can then be used to see if the individual is an authorized user. Conventional Diffie-Hellman public key encryption schemes and hashing procedures can then be used to secure the communications lines carrying the biometric information and to secure the database of authorized users.

A password system comprises a set of codewords spaced apart from one another by a Hamming distance (HD) that exceeds twice the variability that can be projected for a series of biometric measurements for a particular individual and that is less than the HD that can be encountered between two individuals. To enroll an individual, a biometric measurement is taken and exclusive-ORed with a random codeword to produce a reference value. To verify the individual later, a biometric measurement is taken and exclusive-ORed with the reference value to reproduce the original random codeword or its approximation. If the reproduced value is not a codeword, the nearest codeword to it is found, and the bits that were corrected to produce the codeword to it is found, and the bits that were corrected to produce the codeword are also toggled in the biometric measurement taken and the codeword generated during enrollment. The correction scheme can be implemented by any conventional error correction code such as Reed-Muller code R(m,n). In the implementation using a hand geometry device an R(2,5) code has been used in this invention. Such codeword and biometric measurement can then be used to see if the individual is an authorized user. Conventional Diffie-Hellman public key encryption schemes and hashing procedures can then be used to secure the communications lines carrying the biometric information and to secure the database of authorized users

The use of mobile communication devices with advance sensors is growing rapidly. These sensors are enabling functions such as Image capture, Location applications, and Biometricauthentication such as Fingerprint verification and Face & Handwritten signature recognition. Such ubiquitous devices are essential tools in today's global economic activities enabling anywhere-anytime financial and business transactions. Cryptographic functions and biometric-based authentication can enhance the security and confidentiality of mobile transactions. Using Biometric template security techniques in real-time biometric-based authentication are key factors for successful identity verification solutions, but are venerable to determined attacks by both fraudulent software and hardware. The EU-funded SecurePhone project has designed and implemented a multimodal biometric user authenticationsystem on a prototype mobile communication device. However, various implementations of this project have resulted in long verification times or reduced accuracy and/or security. This paper proposes to use built-in-self-test techniques to ensure no tampering has taken place on the verification process prior to performing the actual biometricauthentication. These techniques utilises the user personal identification number as a seed to generate a unique signature. This signature is then used to test the integrity of the verification process. Also, this study proposes the use of a combination of biometric modalities to provide application specific authentication in a secure environment, thus achieving optimum security level with effective processing time. I.e. to ensure that the necessary authentication steps and algorithms running on the mobile device application processor can not be undermined or modified by an imposter to get unauthorized access to the secure system.

Full Text Available This paper describes different approaches for the face authentication from the features and classification abilities point of view. Authors compare two types of features - Histogram of Oriented Gradients (HOG and Local Binary Patterns (LBP including their combination. These parameters are classified using Multilayer Neural Network (MLNN and Support Vector Machines (SVM. Face authentication consists of several steps. The first step contains Viola-Jones algorithm for face detection. Authors resize the detected face for a fixed vector and afterwards, it is converted into grayscale. Next, feature extraction with a simple Min-Max normalization is applied. Obtained parameters are evaluated by classifiers and for each detected face, authors get posterior probability as the output of the classifier. Different approaches for face authentication are compared with each other using False Acceptance Rate (FAR, False Rejection Rate (FRR, Equal Error Rate (EER, Receiver Operating Characteristic (ROC and Detection Error Tradeoff (DET curves. The results are verified with AR Face Database and elaborated in a feature extraction and classifier design point of view. Best results were achieved by HOG feature for SVM classifier. Detailed results are listed in the text below.

Although biometricauthentication is perceived to be more reliable than traditional authentication schemes, it becomes vulnerable to many attacks when it comes to remote authentication over open networks and raises serious privacy concerns. This paper proposes a biometric-based challenge-response approach to be used for remote authentication between two parties A and B over open networks. In the proposed approach, a remote authenticatorsystem B (e.g. a bank) challenges its client A who wants to authenticate his/her self to the system by sending a one-time public random challenge. The client A responds by employing the random challenge along with secret information obtained from a password and a token to produce a one-time cancellable representation of his freshly captured biometric sample. The one-time biometric representation, which is based on multi-factor, is then sent back to B for matching. Here, we argue that eavesdropping of the one-time random challenge and/or the resulting one-time biometric representation does not compromise the security of the system, and no information about the original biometric data is leaked. In addition to securing biometric templates, the proposed protocol offers a practical solution for the replay attack on biometricsystems. Moreover, we propose a new scheme for generating a password-based pseudo random numbers/permutation to be used as a building block in the proposed approach. The proposed scheme is also designed to provide protection against repudiation. We illustrate the viability and effectiveness of the proposed approach by experimental results based on two biometric modalities: fingerprint and face biometrics.

Full Text Available The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authenticationsystems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authenticationsystem. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility.

The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authenticationsystems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authenticationsystem. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility.

The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authenticationsystems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authenticationsystem. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility. PMID:24151601

Biometricauthenticationsystems can be used to control digital signature of medical documents. This pilot study evaluated the use of two different fingerprint technologies and one iris technology to control creation of digital signatures on a central server using public private key pairs stored on the server. Documents and signatures were stored in XML for portability. Key pairs and authentication certificates were generated during biometric enrollment. Usability and user acceptance were gua...

Full Text Available ? biometrics and smart cards Part B: Biometrics ? CSIR 2012 Slide 7 BiometricAuthentication ? CSIR 2012 Slide 8 ? A science that uses a person?s behavioral and/or physiological traits to establish their identify, or verify their claimed identity.../or characteristics of some thing ? This thing can be anything, however in the context of this discussion, this thing could be a person, a network device, or even an identity authentication device itself ? This act or process of verifying these attributes could...

Most biometric books are either extraordinarily technical for technophiles or extremely elementary for the lay person. Striking a balance between the two, Biometric Technology: Authentication, Biocryptography, and Cloud-Based Architecture is ideal for business, IT, or security managers that are faced with the task of making purchasing, migration, or adoption decisions. It brings biometrics down to an understandable level, so that you can immediately begin to implement the concepts discussed.Exploring the technological and social implications of widespread biometric use, the book considers the

Full Text Available Unobtrusive Authentication Using ACTIvity-Related and Soft BIOmetrics (ACTIBIO is an EU Specific Targeted Research Project (STREP where new types of biometrics are combined with state-of-the-art unobtrusive technologies in order to enhance security in a wide spectrum of applications. The project aims to develop a modular, robust, multimodal biometrics security authentication and monitoring system, which uses a biodynamic physiological profile, unique for each individual, and advancements of the state of the art in unobtrusive behavioral and other biometrics, such as face, gait recognition, and seat-based anthropometrics. Several shortcomings of existing biometric recognition systems are addressed within this project, which have helped in improving existing sensors, in developing new algorithms, and in designing applications, towards creating new, unobtrusive, biometricauthentication procedures in security-sensitive, Ambient Intelligence environments. This paper presents the concept of the ACTIBIO project and describes its unobtrusive authentication demonstrator in a real scenario by focusing on the vision-based biometric recognition modalities.

The medical organizations have introduced Telecare Medical Information System (TMIS) to provide a reliable facility by which a patient who is unable to go to a doctor in critical or urgent period, can communicate to a doctor through a medical server via internet from home. An authentication mechanism is needed in TMIS to hide the secret information of both parties, namely a server and a patient. Recent research includes patient's biometric information as well as password to design a remote user authentication scheme that enhances the security level. In a single server environment, one server is responsible for providing services to all the authorized remote patients. However, the problem arises if a patient wishes to access several branch servers, he/she needs to register to the branch servers individually. In 2014, Chuang and Chen proposed an remote user authentication scheme for multi-server environment. In this paper, we have shown that in their scheme, an non-register adversary can successfully logged-in into the system as a valid patient. To resist the weaknesses, we have proposed an authentication scheme for TMIS in multi-server environment where the patients can register to a root telecare server called registration center (RC) in one time to get services from all the telecare branch servers through their registered smart card. Security analysis and comparison shows that our proposed scheme provides better security with low computational and communication cost.

This article discusses the possibility of using biometric information technologies in management. Made a brief overview of access control and time attendance. Analyzed biometrics and identification system user. Recommendations on the use of various systems depending on the specific tasks.

In this paper, we propose a new digital holographic-based cancellable biometric scheme for personal authentication and verification. The realization of cancellable biometric is presented by using an optoelectronic experimental approach, in which an optically recorded hologram of the fingerprint of a person is numerically reconstructed. Each reconstructed feature has its own perspective, which is utilized to generate user-specific fingerprint features by using a feature-extraction process. New representations of the user-specific fingerprint features can be obtained from the same hologram, by changing the reconstruction distance (d) by an amount Δd between the recording plane and the reconstruction plane. This parameter is the key to make the cancellable user-specific fingerprint features using a digital holographic technique, which allows us to choose different reconstruction distances when reissuing the user-specific fingerprint features in the event of compromise. We have shown theoretically that each user-specific fingerprint feature has a unique identity with a high discrimination ability, and the chances of a match between them are minimal. In this aspect, a recognition system has also been demonstrated using the fingerprint biometric of the enrolled person at a particular reconstruction distance. For the performance evaluation of a fingerprint recognition system—the false acceptance ratio, the false rejection ratio and the equal error rate are calculated using correlation. The obtained results show good discrimination ability between the genuine and the impostor populations with the highest recognition rate of 98.23%. (paper)

Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when co...

Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

Full Text Available Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency. PMID:28046075

Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authenticationsystem. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das's authentication scheme, and we have shown that Das's authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das's authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

Full Text Available Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authenticationsystem. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

A modular system for acquiring biometric data includes a plurality of data acquisition modules configured to sample biometric data from at least one respective input channel at a data acquisition rate. A representation of the sampled biometric data is stored in memory of each of the plurality of data acquisition modules. A central control system is in communication with each of the plurality of data acquisition modules through a bus. The central control system is configured to control communication of data, via the bus, with each of the plurality of data acquisition modules.

A novel hand biometricauthentication method based on measurements of the user's stationary hand gesture of hand sign language is proposed. The measurement of hand gestures could be sequentially acquired by a low-cost video camera. There could possibly be another level of contextual information, associated with these hand signs to be used in biometricauthentication. As an analogue, instead of typing a password 'iloveu' in text which is relatively vulnerable over a communication network, a signer can encode a biometric password using a sequence of hand signs, 'i' , 'l' , 'o' , 'v' , 'e' , and 'u'. Subsequently the features from the hand gesture images are extracted which are integrally fuzzy in nature, to be recognized by a classification model for telling if this signer is who he claimed himself to be, by examining over his hand shape and the postures in doing those signs. It is believed that everybody has certain slight but unique behavioral characteristics in sign language, so are the different hand shape compositions. Simple and efficient image processing algorithms are used in hand sign recognition, including intensity profiling, color histogram and dimensionality analysis, coupled with several popular machine learning algorithms. Computer simulation is conducted for investigating the efficacy of this novel biometricauthentication model which shows up to 93.75% recognition accuracy.

This bachelor thesis is focused on biometric methods, particularly on fingerprint recognition. First part of thesis places biometric into other methods of people's identification. Identification by token and by knowledge. It also describes the beginning and evolution of biometric. The theoretical part also closely clarify working with data and different view on the biometricsystems. The following part of the thesis defines the basic principles of using biometricsystems, counting FAR and FRR...

One of the challenging biometricauthentication applications is gender identification and age classification, which captures gait from far distance and analyze physical information of the subject such as gender, race and emotional state of the subject. It is found that most of the gender identification techniques have focused only with frontal pose of different human subject, image size and type of database used in the process. The study also classifies different feature extraction process such as, Principal Component Analysis (PCA) and Local Directional Pattern (LDP) that are used to extract the authentication features of a person. This paper aims to analyze different gender classification techniques that help in evaluating strength and weakness of existing gender identification algorithm. Therefore, it helps in developing a novel gender classification algorithm with less computation cost and more accuracy. In this paper, an overview and classification of different gender identification techniques are first presented and it is compared with other existing human identification system by means of their performance.

We propose a flexible security authentication solution for the spacecraft end-user, which will allow the user to interact over Internet with the spacecraft, its instruments, or with the ground segment from anywhere, anytime based on the user's pre-defined set of privileges. This package includes biometricsauthentication products, such as face, voice or fingerprint recognition, authentication services and procedures, such as: user registration and verification over the Internet and user database maintenance, with a configurable schema of spacecraft users' privileges. This fast and reliable user authentication mechanism will become an integral part of end-to-end ground-to-space secure Internet communications and migration from current practice to the future. All modules and services of the proposed package are commercially available and built to the NIST BioAPI standard, which facilitates "pluggability" and interoperability.

Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when compared to other related protocols.

Full Text Available Several biometric-based remote user authentication schemes using smart cards have been proposed in the literature in order to improve the security weaknesses in user authenticationsystem. In 2012, An proposed an enhanced biometric-based remote user authentication scheme using smart cards. It was claimed that the proposed scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server. In this paper, we first analyze the security of An’s scheme and we show that this scheme has three serious security flaws in the design of the scheme: (i flaw in user’s biometric verification during the login phase, (ii flaw in user’s password verification during the login and authentication phases, and (iii flaw in user’s password change locally at any time by the user. Due to these security flaws, An’s scheme cannot support mutual authentication between the user and the server. Further, we show that An’s scheme cannot prevent insider attack. In order to remedy the security weaknesses found in An’s scheme, we propose a new robust and secure anonymous biometric-based remote user authentication scheme using smart cards. Through the informal and formal security analysis, we show that our scheme is secure against all possible known attacks including the attacks found in An’s scheme. The simulation results of our scheme using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications tool ensure that our scheme is secure against passive and active attacks. In addition, our scheme is also comparable in terms of the communication and computational overheads with An’s scheme and other related existing schemes. As a result, our scheme is more appropriate for practical applications compared to other approaches.

Modularity BiometricSystem (MBS) is an approach to support AiTR of the cooperated and/or non-cooperated standoff biometric in an area persistent surveillance. Advanced active and passive EOIR and RF sensor suite is not considered here. Neither will we consider the ROC, PD vs. FAR, versus the standoff POT in this paper. Our goal is to catch the "most wanted (MW)" two dozens, separately furthermore ad hoc woman MW class from man MW class, given their archrivals sparse front face data basis, by means of various new instantaneous input called probing faces. We present an advanced algorithm: mini-Max classifier, a sparse sample realization of Cramer-Rao Fisher bound of the Maximum Likelihood classifier that minimize the dispersions among the same woman classes and maximize the separation among different man-woman classes, based on the simple feature space of MIT Petland eigen-faces. The original aspect consists of a modular structured design approach at the system-level with multi-level architectures, multiple computing paradigms, and adaptable/evolvable techniques to allow for achieving a scalable structure in terms of biometric algorithms, identification quality, sensors, database complexity, database integration, and component heterogenity. MBS consist of a number of biometric technologies including fingerprints, vein maps, voice and face recognitions with innovative DSP algorithm, and their hardware implementations such as using Field Programmable Gate arrays (FPGAs). Biometric technologies and the composed modularity biometricsystem are significant for governmental agencies, enterprises, banks and all other organizations to protect people or control access to critical resources.

Traditional authentication methods use numbers or graphic passwords and thus involve the risk of loss or theft. Various studies are underway regarding biometricauthentication because it uses the unique biometric data of a human being. Biometricauthentication technology using ECG from biometric data involves signals that record electrical stimuli from the heart. It is difficult to manipulate and is advantageous in that it enables unrestrained measurements from sensors that are attached to the skin. This study is on biometricauthentication methods using the neural network with weighted fuzzy membership functions (NEWFM). In the biometricauthentication process, normalization and the ensemble average is applied during preprocessing, characteristics are extracted using Haar-wavelets, and a registration process called “training” is performed in the fuzzy neural network. In the experiment, biometricauthentication was performed on 73 subjects in the Physionet Database. 10-40 ECG waveforms were tested for use in the registration process, and 15 ECG waveforms were deemed the appropriate number for registering ECG waveforms. 1 ECG waveforms were used during the authentication stage to conduct the biometricauthentication test. Upon testing the proposed biometricauthentication method based on 73 subjects from the Physionet Database, the TAR was 98.32% and FAR was 5.84%.

This chapter describes the design and implementation of an Embedded System for Biometric Identification from hardware and software perspectives. The first part of the chapter describes the idea of biometric identification. This includes the definition of

Full Text Available Due to commoditization and convenience, wearable technology are interwoven with our daily life. However, privacy sensitive data stored on those devices such as personal email, message can be easily stolen. Most devices require a PIN input to unlock. However, this mechanism is vulnerable to shoulder surfing attack. Thus many novel authentication approaches have been proposed to solve this problem. And biometric-based methods have been adopted by many researchers because of the efficiency and excellent performance. In this paper, we propose a new biometric-based authenticationsystem. We focus on how the user performs a straight punch gesture subconsciously. By analysis the acceleration data from the smartwatch when user performing the gesture, we are able to profile the user. And we authenticate the user according to the biometrics of this action. This mechanism is light-weighted and do not require user to remember any secret code. We develop an authenticationsystem on Samsung Gear Fit 2 and conducted a real-world experiment on 20 volunteers. And we collected 13000 gesture samples to evaluate our system. Results show that our system can achieve a classification accuracy of at least 95.45%. In attacking scenario, our system can achieve an equal error rate lower than 4%. The maximum number of samples required by a well-trained classifier is 25.

Personal identification technology as security systems is developing rapidly. Traditional authentication modes like key; password; card are not safe enough because they could be stolen or easily forgotten. Biometric as developed technology has been applied to a wide range of systems. According to different researchers, vein biometric is a good candidate among other biometric traits such as fingerprint, hand geometry, voice, DNA and etc for authenticationsystems. Vein authenticationsystems can be designed by different methodologies. All the methodologies consist of matching stage which is too important for final verification of the system. Neural Network is an effective methodology for matching and recognizing individuals in authenticationsystems. Therefore, this paper explains and implements the Neural Network methodology for finger vein authenticationsystem. Neural Network is trained in Matlab to match the vein features of authenticationsystem. The Network simulation shows the quality of matching as 95% which is a good performance for authenticationsystem matching.

The most commonly used method for user authentication in ICT services or systems is the application of identification tools such as passwords or personal identification numbers (PINs). The rapid development in ICT technology regarding smart devices (laptops, tablets and smartphones) has allowed also the advance of hardware components that capture several biometric traits such as fingerprints and voice. These components are aiming among others to overcome weaknesses and flaws of password usage under the prism of improved user authentication with higher level of security, privacy and usability. To this respect, the potential application of biometrics for secure user authentication regarding access in systems with sensitive data (i.e. patient's data from electronic health records) shows great potentials. SpeechXRays aims to provide a user recognition platform based on biometrics of voice acoustics analysis and audio-visual identity verification. Among others, the platform aims to be applied as an authentication tool for medical personnel in order to gain specific access to patient's electronic health records. In this work a short description of SpeechXrays implementation tool regarding eHealth is provided and analyzed. This study explores security and privacy issues, and offers a comprehensive overview of biometrics technology applications in addressing the e-Health security challenges. We present and describe the necessary requirement for an eHealth platform concerning biometric security.

Cross disciplinary biometricsystems help boost the performance of the conventional systems. Not only is the recognition accuracy significantly improved, but also the robustness of the systems is greatly enhanced in the challenging environments, such as varying illumination conditions. By leveraging the cross disciplinary technologies, face recognition systems, fingerprint recognition systems, iris recognition systems, as well as image search systems all benefit in terms of recognition performance. Take face recognition for an example, which is not only the most natural way human beings recognize the identity of each other, but also the least privacy-intrusive means because people show their face publicly every day. Face recognition systems display superb performance when they capitalize on the innovative ideas across color science, mathematics, and computer science (e.g., pattern recognition, machine learning, and image processing). The novel ideas lead to the development of new color models and effective ...

Described are methods and systems for determining authenticity. For example, the method may include providing an object of authentication, capturing characteristic data from the object of authentication, deriving authentication data from the characteristic data of the object of authentication, and comparing the authentication data with an electronic database comprising reference authentication data to provide an authenticity score for the object of authentication. The reference authentication data may correspond to one or more reference objects of authentication other than the object of authentication.

Biometricsystems are increasingly being used as a means for authentication to provide system security in modern technologies. The performance of a biometricsystem depends on the accuracy, the processing speed, the template size, and the time necessary for enrollment. While much research has focused on the first three factors, enrollment time has not received as much attention. In this work, we present the findings of our research focused upon studying user’s behavior when enrolling in...

This master’s thesis work was performed at Optimum Biometric Labs, OBL, located in Karlskrona, Sweden. Optimum Biometric Labs perform independent scenario evaluations to companies who develop biometric devices. The company has a product Optimum preConTM which is surveillance and diagnosis tool for biometricsystems. This thesis work’s objective was to develop a conceptual model and implement it as an additional layer above the biometric layer with intelligence about the biometric users. The l...

Full Text Available The photoplethysmogram (PPG is a biomedical signal that can be used to estimate volumetric blood flow changes in the peripheral circulation. During the past few years, several works have been published in order to assess the potential for PPGs to be used in biometricauthenticationsystems, but results are inconclusive. In this paper we perform an analysis of the feasibility of using the PPG as a realistic biometric alternative in the long term. Several feature extractors (based on the time domain and the Karhunen–Loève transform and matching metrics (Manhattan and Euclidean distances have been tested using four different PPG databases (PRRB, MIMIC-II, Berry, and Nonin. We show that the false match rate (FMR and false non-match rate (FNMR values remain constant in different time instances for a selected threshold, which is essential for using the PPG for biometricauthentication purposes. On the other hand, obtained equal error rate (EER values for signals recorded during the same session range from 1.0% for high-quality signals recorded in controlled conditions to 8% for those recorded in conditions closer to real-world scenarios. Moreover, in certain scenarios, EER values rise up to 23.2% for signals recorded over different days, signaling that performance degradation could take place with time.

The photoplethysmogram (PPG) is a biomedical signal that can be used to estimate volumetric blood flow changes in the peripheral circulation. During the past few years, several works have been published in order to assess the potential for PPGs to be used in biometricauthenticationsystems, but results are inconclusive. In this paper we perform an analysis of the feasibility of using the PPG as a realistic biometric alternative in the long term. Several feature extractors (based on the time domain and the Karhunen⁻Loève transform) and matching metrics (Manhattan and Euclidean distances) have been tested using four different PPG databases (PRRB, MIMIC-II, Berry, and Nonin). We show that the false match rate ( FMR ) and false non-match rate ( FNMR ) values remain constant in different time instances for a selected threshold, which is essential for using the PPG for biometricauthentication purposes. On the other hand, obtained equal error rate (EER) values for signals recorded during the same session range from 1.0% for high-quality signals recorded in controlled conditions to 8% for those recorded in conditions closer to real-world scenarios. Moreover, in certain scenarios, EER values rise up to 23.2% for signals recorded over different days, signaling that performance degradation could take place with time.

It is important to ensure the security of biometricauthentication information, because its leakage causes serious risks, such as replay attacks using the stolen biometric data, and also because it is almost impossible to replace raw biometric information. In this paper, we propose a secure biometricauthentication scheme that protects such information by employing an optical data ciphering technique based on compressed sensing. The proposed scheme is based on two-factor authentication, the biometric information being supplemented by secret information that is used as a random seed for a cipher key. In this scheme, a biometric image is optically encrypted at the time of image capture, and a pair of restored biometric images for enrollment and verification are verified in the authentication server. If any of the biometric information is exposed to risk, it can be reenrolled by changing the secret information. Through numerical experiments, we confirm that finger vein images can be restored from the compressed sensing measurement data. We also present results that verify the accuracy of the scheme.

The article purpose is to describe the two sides of biometrics technologies, direct problems and inverse problems. The advance that we face today in field of Information Technology makes Information Security an inseparable part. The authentication has a huge role when we deal about security. The problems that can appear in implementing and developing biometricssystems is raising many problems, and one of the goal of this article is to focus on direct and inverse problems which is a new and c...

Body area sensor networks (BANs) utilize wireless communicating sensor nodes attached to a human body for convenience, safety, and health applications. Physiological characteristics of the body, such as the heart rate or Electrocardiogram (ECG) signals, are promising means to simplify the setup process and to improve security of BANs. This paper describes the design and implementation steps required to realize an ECG-based authentication protocol to identify sensor nodes attached to the same human body. Therefore, the first part of the paper addresses the design of a body-area sensor system, including the hardware setup, analogue and digital signal processing, and required ECG feature detection techniques. A model-based design flow is applied, and strengths and limitations of each design step are discussed. Real-world measured data originating from the implemented sensor system are then used to set up and parametrize a novel physiological authentication protocol for BANs. The authentication protocol utilizes statistical properties of expected and detected deviations to limit the number of false positive and false negative authentication attempts. The result of the described holistic design effort is the first practical implementation of biometricauthentication in BANs that reflects timing and data uncertainties in the physical and cyber parts of the system.

Body area sensor networks (BANs) utilize wireless communicating sensor nodes attached to a human body for convenience, safety, and health applications. Physiological characteristics of the body, such as the heart rate or Electrocardiogram (ECG) signals, are promising means to simplify the setup process and to improve security of BANs. This paper describes the design and implementation steps required to realize an ECG-based authentication protocol to identify sensor nodes attached to the same human body. Therefore, the first part of the paper addresses the design of a body-area sensor system, including the hardware setup, analogue and digital signal processing, and required ECG feature detection techniques. A model-based design flow is applied, and strengths and limitations of each design step are discussed. Real-world measured data originating from the implemented sensor system are then used to set up and parametrize a novel physiological authentication protocol for BANs. The authentication protocol utilizes statistical properties of expected and detected deviations to limit the number of false positive and false negative authentication attempts. The result of the described holistic design effort is the first practical implementation of biometricauthentication in BANs that reflects timing and data uncertainties in the physical and cyber parts of the system. PMID:27110785

Full Text Available Body area sensor networks (BANs utilize wireless communicating sensor nodes attached to a human body for convenience, safety, and health applications. Physiological characteristics of the body, such as the heart rate or Electrocardiogram (ECG signals, are promising means to simplify the setup process and to improve security of BANs. This paper describes the design and implementation steps required to realize an ECG-based authentication protocol to identify sensor nodes attached to the same human body. Therefore, the first part of the paper addresses the design of a body-area sensor system, including the hardware setup, analogue and digital signal processing, and required ECG feature detection techniques. A model-based design flow is applied, and strengths and limitations of each design step are discussed. Real-world measured data originating from the implemented sensor system are then used to set up and parametrize a novel physiological authentication protocol for BANs. The authentication protocol utilizes statistical properties of expected and detected deviations to limit the number of false positive and false negative authentication attempts. The result of the described holistic design effort is the first practical implementation of biometricauthentication in BANs that reflects timing and data uncertainties in the physical and cyber parts of the system.

Biometric National Identification Number Generation for Secure Network Authentication Based Fingerprint. ... Username, Password, Remember me, or Register ... In this paper an authentication based finger print biometricsystem is proposed ...

International audience; Biometrics is considered as a promising solution among traditional methods based on "what we own" (such as a key) or "what we know" (such as a password). It is based on "what we are" and "how we behave". Few people know that biometrics have been used for ages for identification or signature purposes. In 1928 for example, fingerprints were used for women clerical employees of Los Angeles police department as depicted in Figure 1. Fingerprints were also already used as a...

New information technologies alongside their benefits also bring new dangers with themselves. It is difficult to decide which authentication tool to use and implement in the information systems and electronic documents. The final decision has to compromise among the facts that it faces several conflicting requirements: highly secure tool, to be a user-friendly and user simplicity method, ensure protection against errors and failures of users, speed of authentication and provide these features...

According to advancements in the wireless technologies, study of biometrics-based multi-server authenticated key agreement schemes has acquired a lot of momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. Unfortunately, this paper indicates that their protocol is still vulnerable to the user impersonation attack, privileged insider attack and server spoofing attack. Furthermore, their protocol cannot provide the perfect forward secrecy. As a remedy of these aforementioned problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves the stronger security and provides more functionality properties. Besides, the proposed protocol shows the satisfactory performances in respect of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures. Consequently, the proposed protocol is more appropriate in the distributed networks.

This work aims to highlight the fundamental issue surrounding biometric security systems: it’s all very nice until a biometric is forged, but what do we do after that? Granted, biometricsystems are by physical nature supposedly much harder to forge than other factors of authentication since biometrics on a human body are by right unique to the particular human person. Yet it is also due to this physical nature that makes it much more catastrophic when a forgery does occur, because it implies that this uniqueness has been forged as well, threatening the human individuality; and since crime has by convention relied on identifying suspects by biometric characteristics, loss of this biometric uniqueness has devastating consequences on the freedom and basic human rights of the victimized individual. This uniqueness forgery implication also raises the motivation on the adversary to forge since a successful forgery leads to much more impersonation situations when biometricsystems are used i.e. physical presence at crime scenes, identification and access to security systems and premises, access to financial accounts and hence the ability to use the victim’s finances. Depending on the gains, a desperate highly motivated adversary may even resort to directly obtaining the victim’s biometric parts by force e.g. severing the parts from the victim’s body; this poses a risk and threat not just to the individual’s uniqueness claim but also to personal safety and well being. One may then wonder if it is worth putting one’s assets, property and safety into the hands of biometrics based systems when the consequences of biometric forgery far outweigh the consequences of system compromises when no biometrics are used.

Biometric authorization and registration systems and methods are disclosed. In one embodiment, the system preferably comprises a firearm that includes a biometric authorization system, a plurality of training computers, and a server...

Full Text Available Wide usage of biometric information for person identity verification purposes, terrorist acts prevention measures and authenticationprocess simplification in computer systems has raised significant attention to reliability and efficiency of biometricsystems. Modern biometricsystems still face many reliability and efficiency related issues such as reference databasesearch speed, errors while recognizing of biometric information or automating biometric feature extraction. Current scientificinvestigations show that application of evolutionary algorithms may significantly improve biometricsystems. In thisarticle we provide a comprehensive review of main scientific research done in sphere of evolutionary algorithm applicationfor biometricsystem parameter improvement.

Many forms of biometrics have been proposed and studied for biometricsauthentication. Recently researchers are looking into longitudinal pattern matching that based on more than just a singular biometrics; data from user's activities are used to characterise the identity of a user. In this paper we advocate a novel type of authentication by using a user's medical history which can be electronically stored in a biometric security card. This is a sequel paper from our previous work about defining abstract format of medical data to be queried and tested upon authentication. The challenge to overcome is preserving the user's privacy by choosing only the useful features from the medical data for use in authentication. The features should contain less sensitive elements and they are implicitly related to the target illness. Therefore exchanging questions and answers about a few carefully chosen features in an open channel would not easily or directly expose the illness, but yet it can verify by inference whether the user has a record of it stored in his smart card. The design of a privacy preserving model by backward inference is introduced in this paper. Some live medical data are used in experiments for validation and demonstration.

Full Text Available Many forms of biometrics have been proposed and studied for biometricsauthentication. Recently researchers are looking into longitudinal pattern matching that based on more than just a singular biometrics; data from user’s activities are used to characterise the identity of a user. In this paper we advocate a novel type of authentication by using a user’s medical history which can be electronically stored in a biometric security card. This is a sequel paper from our previous work about defining abstract format of medical data to be queried and tested upon authentication. The challenge to overcome is preserving the user’s privacy by choosing only the useful features from the medical data for use in authentication. The features should contain less sensitive elements and they are implicitly related to the target illness. Therefore exchanging questions and answers about a few carefully chosen features in an open channel would not easily or directly expose the illness, but yet it can verify by inference whether the user has a record of it stored in his smart card. The design of a privacy preserving model by backward inference is introduced in this paper. Some live medical data are used in experiments for validation and demonstration.

Full Text Available With the security requirements of networks, biometricsauthenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.'s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks.

With the security requirements of networks, biometricsauthenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.’s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks. PMID:26866606

With the security requirements of networks, biometricsauthenticated schemes which are applied in the multi-server environment come to be more crucial and widely deployed. In this paper, we propose a novel biometric-based multi-server authentication and key agreement scheme which is based on the cryptanalysis of Mishra et al.'s scheme. The informal and formal security analysis of our scheme are given, which demonstrate that our scheme satisfies the desirable security requirements. The presented scheme provides a variety of significant functionalities, in which some features are not considered in the most of existing authentication schemes, such as, user revocation or re-registration and biometric information protection. Compared with several related schemes, our scheme has more secure properties and lower computation cost. It is obviously more appropriate for practical applications in the remote distributed networks.

Describing several new biometric technologies, such as high-resolution fingerprint, finger-knuckle-print, multi-spectral backhand, 3D fingerprint, tongueprint, 3D ear, and multi-spectral iris recognition technologies, this book analyzes a number of efficient feature extraction, matching and fusion algorithms and how potential systems have been developed. Focusing on how to develop new biometric technologies based on the requirements of applications, and how to design efficient algorithms to deliver better performance, the work is based on the author’s research with experimental results under different challenging conditions described in the text. The book offers a valuable resource for researchers, professionals and postgraduate students working in the fields of computer vision, pattern recognition, biometrics, and security applications, amongst others.

We present in this chapter an overview of techniques for the performance evaluation of behavioral biometricsystems. The BioAPI standard that defines the architecture of a biometricsystem is presented in the first part of the chapter... The general methodology for the evaluation of biometricsystems is given including statistical metrics, definition of benchmark databases and subjective evaluation. These considerations rely with the ISO/IEC19795-1 standard describing the biometric performanc...

Biometric based human authenticationsystem is used for security purpose in many organizations in the present world. This biometricauthenticationsystem has several vulnerable points. Two of vulnerable points are protection of biometric templates at system database and protection of biometric templates at communication channel between two modules of biometricauthenticationsystems. In this paper proposed a robust watermarking scheme using the sparse information of watermark biometric to sec...

Medical information is extremely sensitive in nature - a compromise, such as eavesdropping or tampering by a malicious third party, may result in identity theft, incorrect diagnosis and treatment, and even death. Therefore, it is important to secure the transfer of medical information from the patient to the recording system. We consider a portable, wireless device transferring medical information to a remote server. We decompose this problem into two sub-problems and propose security solutions to each of them: (1) to secure the link between the patient and the portable device, and (2) to secure the link between the portable device and the network. Thus we push the limits of the network security to the edge by authenticating the user using their biometric information; authenticating the device to the network at the physical layer; and strengthening the security of the wireless link with a key exchange mechanism. The proposed authentication methods can be used for recording the readings of medical data in a central database and for accessing medical records in various settings.

Biometrics has developed to be one of the most relevant technologies used in Information Technology IT security. Unimodal biometricsystems have a variety of problems which decreases the performance and accuracy of these system. One way to overcome the limitations of the unimodal biometricsystems is through fusion to form a multimodal biometricsystem. Generally biometric fusion is defined as the use of multiple types of biometric data or ways of processing the data to improve the performanc...

Biometric recognition offers a reliable solution to the problem of user authentication in identity management systems. With the widespread deployment of biometricsystems in various applications, there are increasing concerns about the security and privacy of biometric technology. Public acceptance of biometrics technology will depend on the ability of system designers to demonstrate that these systems are robust, have low error rates, and are tamper proof. We present a high-level categorizat...

Full Text Available With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometricauthentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.

With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An’s scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user’s ID during login. Cao and Ge improved upon Younghwa An’s scheme, but various security problems remained. This study demonstrates that Cao and Ge’s scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge’s scheme, this study proposes a security enhanced multi-factor biometricauthentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost. PMID:28459867

With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometricauthentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.

Includes discussions on popular 3D imaging technologies, combines them with biometric applications, and then presents real 3D biometricsystems Introduces many efficient 3D feature extraction, matching, and fusion algorithms Techniques presented have been supported by experimental results using various 3D biometric classifications

Full Text Available ABSTRACT Human identification is essential for proper functioning of society. Human identification through multimodal biometrics is becoming an emerging trend, and one of the reasons is to improve recognition accuracy. Unimodal biometricsystems are affected by various problemssuch as noisy sensor data,non-universality, lack of individuality, lack of invariant representation and susceptibility to circumvention.A unimodal system has limited accuracy. Hence, Multimodal biometricsystems by combining more than one biometric feature in different levels are proposed in order to enhance the performance of the system. A supervisor module combines the different opinions or decisions delivered by each subsystem and then make a final decision. In this paper, a multimodal biometricsauthentication is proposed by combining face, iris and finger features. Biometric features are extracted by Local Derivative Ternary Pattern (LDTP in Contourlet domain and an extensive evaluation of LDTP is done using Support Vector Machine and Nearest Neighborhood Classifier. The experimental evaluations are performed on a public dataset demonstrating the accuracy of the proposed system compared with the existing systems. It is observed that, the combination of face, fingerprint and iris gives better performance in terms of accuracy, False Acceptance Rate, False Rejection Rate with minimum computation time.

Full Text Available Lately a lot of research effort is devoted for recognition of a human being using his biometric characteristics. Biometric recognition systems are used in various applications, e. g., identification for state border crossing or firearm, which allows only enrolled persons to use it. In this paper biometric characteristics and their properties are reviewed. Development of high accuracy system requires distinctive and permanent characteristics, whereas development of user friendly system requires collectable and acceptable characteristics. It is showed that properties of biometric characteristics do not influence research effort significantly. Properties of biometric characteristic features and their influence are discussed.Article in Lithuanian

In many real-world applications, unimodal biometricsystems often face significant limitations due to sensitivity to noise, intraclass variability, data quality, nonuniversality, and other factors. Attempting to improve the performance of individual matchers in such situations may not prove to be highly effective. Multibiometric systems seek to alleviate some of these problems by providing multiple pieces of evidence of the same identity. These systems help achieve an increase in performance that may not be possible using a single-biometric indicator. This paper presents an effective fusion scheme that combines information presented by multiple domain experts based on the rank-level fusion integration method. The developed multimodal biometricsystem possesses a number of unique qualities, starting from utilizing principal component analysis and Fisher's linear discriminant methods for individual matchers (face, ear, and signature) identity authentication and utilizing the novel rank-level fusion method in order to consolidate the results obtained from different biometric matchers. The ranks of individual matchers are combined using the highest rank, Borda count, and logistic regression approaches. The results indicate that fusion of individual modalities can improve the overall performance of the biometricsystem, even in the presence of low quality data. Insights on multibiometric design using rank-level fusion and its performance on a variety of biometric databases are discussed in the concluding section.

In recent times Biometrics has emerged as a reliable, convenient and effective method of user authentication. However, with the increasing use of biometrics in several diverse applications, concerns about the privacy and security of biometric data contained in the database systems has increased. It is therefore imperative that Biometricsystems instill confidence in the general public, by demonstrating that, these systems are robust, have low error rates and are tamper proof. In this context,...

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulated the privacy and security of patient information. Since HIPPA became a law, hospital operators have struggled to comply fully with its security and privacy provisions. The proximity-based biometricauthentication (PBBA) technology evolved in last decade to help…

This dissertation explores some of the fundamental challenges facing the information assurance community as it relates to knowledge categorization, organization and representation within the field of information security and more specifically within the domain of biometricauthentication. A primary objective of this research is the development of…

Among the various types of biometric personal identification systems, DNA provides the most reliable personal identification. It is intrinsically digital and unchangeable while the person is alive, and even after his/her death. Increasing the number of DNA loci examined can enhance the power of discrimination. This report describes the development of DNA ink, which contains synthetic DNA mixed with printing inks. Single-stranded DNA fragments encoding a personalized set of short tandem repeats (STR) were synthesized. The sequence was defined as follows. First, a decimal DNA personal identification (DNA-ID) was established based on the number of STRs in the locus. Next, this DNA-ID was encrypted using a binary, 160-bit algorithm, using a hashing function to protect privacy. Since this function is irreversible, no one can recover the original information from the encrypted code. Finally, the bit series generated above is transformed into base sequences, and double-stranded DNA fragments are amplified by the polymerase chain reaction (PCR) to protect against physical attacks. Synthesized DNA was detected successfully after samples printed in DNA ink were subjected to several resistance tests used to assess the stability of printing inks. Endurance test results showed that this DNA ink would be suitable for practical use as a printing ink and was resistant to 40 hours of ultraviolet exposure, performance commensurate with that of photogravure ink. Copyright 2004 Tohoku University Medical Press

Multi-factor/multi-modal authenticationsystems are becoming the de facto industry standard. Traditional methods typically use rates that are point estimates and lack a good measure of uncertainty. Additionally, multiple factors are typically fused together in an ad hoc manner. To be consistent, as well as to establish and make proper use of uncertainties, we use a Bayesian method that will update our estimates and uncertainties as new information presents itself. Our algorithm compares competing classes (such as genuine vs. imposter) using Bayes Factors (BF). The importance of this approach is that we not only accept or reject one model (class), but compare it to others to make a decision. We show using a Receiver Operating Characteristic (ROC) curve that using BF for determining class will always perform at least as well as the traditional combining of factors, such as a voting algorithm. As the uncertainty decreases, the BF result continues to exceed the traditional methods result.

With the rapid growth of mobile network, tablets and smart phones have become sorts of keys to access personal secured services in our daily life. People use these devices to manage personal finances, shop on the Internet, and even pay at vending machines. Besides, it also helps us get connected with friends and business partners through social network applications, which were widely used as personal identifications in both real and virtual societies. However, these devices use inherently weak authentication mechanism, based upon passwords and PINs that is not changed all the time. Although forcing users to change password periodically can enhance the security level, it may also be considered annoyances for users. Biometric technologies are straightforward because of the simple authentication process. However, most of the traditional biometrics methodologies require diverse equipment to acquire biometric information, which may be expensive and not portable. This paper proposes a multibiometric user authentication scheme with both physiological and behavioral biometrics. Only simple rotations with fingers on multitouch devices are required to enhance the security level without annoyances for users. In addition, the user credential is replaceable to prevent from the privacy leakage.

With the rapid growth of mobile network, tablets and smart phones have become sorts of keys to access personal secured services in our daily life. People use these devices to manage personal finances, shop on the Internet, and even pay at vending machines. Besides, it also helps us get connected with friends and business partners through social network applications, which were widely used as personal identifications in both real and virtual societies. However, these devices use inherently weak authentication mechanism, based upon passwords and PINs that is not changed all the time. Although forcing users to change password periodically can enhance the security level, it may also be considered annoyances for users. Biometric technologies are straightforward because of the simple authentication process. However, most of the traditional biometrics methodologies require diverse equipment to acquire biometric information, which may be expensive and not portable. This paper proposes a multibiometric user authentication scheme with both physiological and behavioral biometrics. Only simple rotations with fingers on multitouch devices are required to enhance the security level without annoyances for users. In addition, the user credential is replaceable to prevent from the privacy leakage. PMID:25147864

Full Text Available With the rapid growth of mobile network, tablets and smart phones have become sorts of keys to access personal secured services in our daily life. People use these devices to manage personal finances, shop on the Internet, and even pay at vending machines. Besides, it also helps us get connected with friends and business partners through social network applications, which were widely used as personal identifications in both real and virtual societies. However, these devices use inherently weak authentication mechanism, based upon passwords and PINs that is not changed all the time. Although forcing users to change password periodically can enhance the security level, it may also be considered annoyances for users. Biometric technologies are straightforward because of the simple authentication process. However, most of the traditional biometrics methodologies require diverse equipment to acquire biometric information, which may be expensive and not portable. This paper proposes a multibiometric user authentication scheme with both physiological and behavioral biometrics. Only simple rotations with fingers on multitouch devices are required to enhance the security level without annoyances for users. In addition, the user credential is replaceable to prevent from the privacy leakage.

The security plays an important role in any type of organization in today’s life. Iris recognition is one of the leading automatic biometricsystems in the area of security which is used to identify the individual person. Biometricsystems include fingerprints, facial features, voice recognition, hand geometry, handwriting, the eye retina and the most secured one presented in this paper, the iris recognition. Biometricsystems has become very famous in security systems because it is not possi...

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme.

Full Text Available An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

Although electrocardiogram (ECG) fluctuates over time and physical activity, some of its intrinsic measurements serve well as biometric features. Considering its constant availability and difficulty in being faked, the ECG signal is becoming a promising factor for biometricauthentication. The majority of the currently available algorithms only work well on healthy participants. A novel normalization and interpolation algorithm is proposed to convert an ECG signal into multiple template cycles, which are comparable between any two ECGs, no matter the sampling rates or health status. The overall accuracies reach 100% and 90.11% for healthy participants and cardiovascular disease (CVD) patients, respectively. PMID:23977063

A foundation for closing the gap between biometrics in the narrower and the broader perspective is presented trough a conceptualization of biometricsystems in both perspectives. A clear distinction between verification, identification and classification systems is made as well as shown that there are additional classes of biometricsystems. In the end a Unified Modeling Language model is developed showing the connections between the two perspectives.

The paradigm of embedding computing devices in our surrounding environment has gained more interest in recent days. Along with contemporary technology comes challenges, the most important being the security and privacy aspect. Keeping the aspect of compactness and memory constraints of pervasive devices in mind, the biometric techniques proposed for identification should be robust and dynamic. In this work, we propose an emerging scheme that is based on few exclusive human traits and characte...

Biometrics is one of the primary key concepts of real application domains such as aadhar card, passport, pan card, etc. In such applications user can provide two to three biometrics patterns like face, finger, palm, signature, iris data, and so on. We considered face and finger patterns for encoding and then also for verification. Using this data we proposed a novel model for authentication in multimodal biometrics often called Context-Sensitive Exponent Associative Memory Mode...

This article describes the different mathematical methods for processing biometric data. A brief overview of methods for personality recognition by means of a signature is conducted. Mathematical solutions of a dynamic authentication method are considered. Recommendations on use of certain mathematical methods, depending on specific tasks, are provided. Based on the conducted analysis of software and the choice made in favor of the wavelet analysis, a brief basis for its use in the course of software development for biometric personal identification is given for the purpose of its practical application.

Biometricsauthenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type where proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.'s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes.

Full Text Available Biometricsauthenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type where proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.'s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes.

A modular apparatus for acquiring biometric data may include circuitry operative to receive an input signal indicative of a biometric condition, the circuitry being configured to process the input signal according to a transfer function thereof and to provide a corresponding processed input signal. A controller is configured to provide at least one control signal to the circuitry to programmatically modify the transfer function of the modular system to facilitate acquisition of the biometric data.

According to advancements in the wireless technologies, study of biometrics-based multi-server authenticated key agreement schemes has acquired a lot of momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. Unfortunately, this paper indicates that their protocol is still vulnerable to the user impersonation attack, privileged insider attack and server spoofing attack. Furthermore, their protocol cannot provide the perfect forward secrecy. As a remedy of these aforementioned problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves the stronger security and provides more functionality properties. Besides, the proposed protocol shows the satisfactory performances in respect of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures. Consequently, the proposed protocol is more appropriate in the distributed networks. PMID:29534085

This article presents an overview of the SecurePhone project, with an account of the first results obtained. SecurePhone's primary aim is to realise a mobile phone prototype - the 'SecurePhone' - in which biometricalauthentication enables users to deal secure, dependable transactions over a mobile network. The SecurePhone is based on a commercial PDA-phone, supplemented with specific software modules and a customised SIM card. It integrates in a single environment a number of advanced features: access to cryptographic keys through strong multimodal biometricauthentication; appending and verification of digital signatures; real-time exchange and interactive modification of (esigned) documents and voice recordings. SecurePhone's 'biometric recogniser' is based on original research. A fused combination of three different biometric methods - speaker, face and handwritten signature verification - is exploited, with no need for dedicated hardware components. The adoption of non-intrusive, psychologically neutral biometric techniques is expected to mitigate rejection problems that often inhibit the social use of biometrics, and speed up the spread of e-signature technology. Successful biometricauthentication grants access to SecurePhone's built-in esignature services through a user-friendly interface. Special emphasis is accorded to the definition of a trustworthy security chain model covering all aspects of system operation. The SecurePhone is expected to boost m-commerce and open new scenarios for m-business and m-work, by changing the way people interact and by improving trust and confidence in information technologies, often considered intimidating and difficult to use. Exploitation plans will also explore other application domains (physical and logical access control, securised mobile communications).

Full Text Available Biometric based authenticationsystems provide solutions to the problems in high security which remain with conventionalsecurity systems. In a biometric verification system, human’s biological parameters (such as voice, finger print,palm print or hand geometry, face, iris etc. are used to verify the authenticity of a person. These parameters are good to beused as biometric parameters but do not provide the guarantee that the person is present and alive. As voice can be copied,finger print can be picked from glass on synthetic skin and in face recognition system due to genetic factors identical twinsor father-son may have the same facial appearance. ECG does not have these problems. It can not be recorded without theknowledge of the person and ECG of every person is unique even identical twins have different ECG. In this paper an ECGbasedbiometrics verification system which was developed using Laboratory Virtual Instruments Engineering Workbench(LabVIEW version 7.1 is discussed. Experiments were conducted on the database stored in the laboratory of 20 individualshaving 10 samples each and the results revealed a false rejection rate (FRR of 3% and false acceptance rate (FAR of 3.21%.

In this review, biometricsystems are studied from an information theoretical point of view. In the first part biometricauthenticationsystems are studied. The objective of these systems is, observing correlated enrollment and authenticationbiometric sequences, to generate or convey as large as

Full Text Available There is increasing demand world-wide, from government agencies and the private sector for cutting-edge biometric security technology that is difficult to breach but userfriendly at the same time. Some of the older tools, such as fingerprint, retina and iris scanning, and facial recognition software have all been found to have flaws and often viewed negatively because of many cultural and hygienic issues associated with them. Comparatively, mapping veins as a human barcode, a new technology, has many advantages over older technologies. Specifically, reproducing a three-dimensional model of a human vein system is impossible to replicate. Vein map technology is distinctive because of its state-of-the-art sensors are only able to recognize vein patterns if hemoglobin is actively flowing through the person

A modular system for acquiring biometric data includes a plurality of data acquisition modules configured to sample biometric data from at least one respective input channel at a data acquisition rate. A representation of the sampled biometric data is stored in memory of each of the plurality of data acquisition modules. A central control system is in communication with each of the plurality of data acquisition modules through a bus. The central control system is configured to collect data asynchronously, via the bus, from the memory of the plurality of data acquisition modules according to a relative fullness of the memory of the plurality of data acquisition modules.

Full Text Available Biometric based human authenticationsystem is used for security purpose in many organizations in the present world. This biometricauthenticationsystem has several vulnerable points. Two of vulnerable points are protection of biometric templates at system database and protection of biometric templates at communication channel between two modules of biometricauthenticationsystems. In this paper proposed a robust watermarking scheme using the sparse information of watermark biometric to secure vulnerable point like protection of biometric templates at the communication channel of biometricauthenticationsystems. A compressive sensing theory procedure is used for generation of sparse information on watermark biometric data using detail wavelet coefficients. Then sparse information of watermark biometric data is embedded into DCT coefficients of host biometric data. This proposed scheme is robust to common signal processing and geometric attacks like JPEG compression, adding noise, filtering, and cropping, histogram equalization. This proposed scheme has more advantages and high quality measures compared to existing schemes in the literature.

Full Text Available Iris recognition has been used for authentication for the past few years and is capable of positive/negative authenticationof an individual without any physical contact or intervention. This technique is being used mainly because of its uniqueness,stability, and reliability but still many challenges are being faced an the iris based recognition system. This paperpresents the difficulties faced in different modules, like the sensor module, preprocessing module, feature extraction module,and matching module of an iris biometricsystem.

The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An's scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An's scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability.

Full Text Available The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An’s scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An’s scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability.

An in-depth examination of the cutting edge of biometrics. This book fills a gap in the literature by detailing the recent advances and emerging theories, methods, and applications of biometricsystems in a variety of infrastructures. Edited by a panel of experts, it provides comprehensive coverage of:. Multilinear discriminant analysis for biometric signal recognition;. Biometric identity authentication techniques based on neural networks;. Multimodal biometrics and design of classifiers for biometric fusion;. Feature selection and facial aging modeling for face recognition;. Geometrical and

This work aims to show the applicability, and how, of privacy by design approach to biometricsystems and the benefit of using formal methods to this end. Starting from a general framework that has been introduced at STM in 2014, that enables to define privacy architectures and to formally reason about their properties, we explain how it can be adapted to biometrics. The choice of particular techniques and the role of the components (central server, secure module, biometric terminal, smart ca...

Integration of electronic signatures embedded in health care processes in Germany challenges health care service and supply facilities. The suitability of the signature level of an eligible authentication procedure is confirmed for a large part of documents in clinical practice. However, the concrete design of such a procedure remains unclear. To create a summary of usable user authenticationsystems suitable for clinical workflows. A Systematic literature review based on nine online bibliographic databases. Search keywords included authentication, access control, information systems, information security and biometrics with terms user authentication, user identification and login in title or abstract. Searches were run between 7 and 12 September 2011. Relevant conference proceedings were searched manually in February 2013. Backward reference search of selected results was done. Only publications fully describing authenticationsystems used or usable were included. Algorithms or purely theoretical concepts were excluded. Three authors did selection independently. DATA EXTRACTION AND ASSESSMENT: Semi-structured extraction of system characteristics was done by the main author. Identified procedures were assessed for security and fulfillment of relevant laws and guidelines as well as for applicability. Suitability for clinical workflows was derived from the assessments using a weighted sum proposed by Bonneau. Of 7575 citations retrieved, 55 publications meet our inclusion criteria. They describe 48 different authenticationsystems; 39 were biometric and nine graphical password systems. Assessment of authenticationsystems showed high error rates above European CENELEC standards and a lack of applicability of biometricsystems. Graphical passwords did not add overall value compared to conventional passwords. Continuous authentication can add an additional layer of safety. Only few systems are suitable partially or entirely for use in clinical processes. Suitability

Full Text Available In the application of Biometricauthentication, personal identification is regarded as an effective method for automatic recognition, with a high confidence, a person’s identity. Using multimodal biometricsystems we typically get better performance compare to single biometric modality. This paper proposes the multimodal biometricssystem for identity verification using two traits, i.e., speech signal and palmprint. Integrating the palmprint and speech information increases robustness of person authentication. The proposed system is designed for applications where the training data contains a speech signal and palmprint. It is well known that the performance of person authentication using only speech signal or palmprint is deteriorated by feature changes with time. The final decision is made by fusion at matching score level architecture in which feature vectors are created independently for query measures and are then compared to the enrolment templates, which are stored during database preparation.

In this paper, we introduce a new biometric verification and template protection system which we call THRIVE. The system includes novel enrollment and authentication protocols based on threshold homomorphic encryption where a private key is shared between a user and a verifier. In the THRIVE system, only encrypted binary biometric templates are stored in a database and verification is performed via homomorphically randomized templates, thus, original templates are never revealed during authentication. Due to the underlying threshold homomorphic encryption scheme, a malicious database owner cannot perform full decryption on encrypted templates of the users in the database. In addition, security of the THRIVE system is enhanced using a two-factor authentication scheme involving user's private key and biometric data. Using simulation-based techniques, the proposed system is proven secure in the malicious model. The proposed system is suitable for applications where the user does not want to reveal her biometrics to the verifier in plain form, but needs to prove her identity by using biometrics. The system can be used with any biometric modality where a feature extraction method yields a fixed size binary template and a query template is verified when its Hamming distance to the database template is less than a threshold. The overall connection time for the proposed THRIVE system is estimated to be 336 ms on average for 256-bit biometric templates on a desktop PC running with quad core 3.2 GHz CPUs at 10 Mbit/s up/down link connection speed. Consequently, the proposed system can be efficiently used in real-life applications.

Biometric verification systems are designed to accept multiple similar biometric measurements per user due to inherent intrauser variations in the biometric data. This is important to preserve reasonable acceptance rate of genuine queries and the overall feasibility of the recognition system. However, such acceptance of multiple similar measurements decreases the imposter's difficulty of obtaining a system-acceptable measurement, thus resulting in a degraded security level. This deteriorated security needs to be measurable to provide truthful security assurance to the users. Entropy is a standard measure of security. However, the entropy formula is applicable only when there is a single acceptable possibility. In this paper, we develop an entropy-measuring model for biometricsystems that accepts multiple similar measurements per user. Based on the idea of guessing entropy, the proposed model quantifies biometricsystem security in terms of adversarial guessing effort for two practical attacks. Excellent agreement between analytic and experimental simulation-based measurement results on a synthetic and a benchmark face dataset justify the correctness of our model and thus the feasibility of the proposed entropy-measuring approach.

Multibiometric systems have been recently developed in order to overcome some weaknesses of single biometricauthenticationsystems, but security of these systems against spoofing has not received enough attention. In this paper, we propose a novel practical method for simulation of possibilities of spoof attacks against a biometricauthenticationsystem. Using this method, we model matching scores from standard to completely spoofed genuine samples. Sum, product, and Bayes fusion rules are applied for score level combination. The security of multimodal authenticationsystems are examined and compared with the single systems against various spoof possibilities. However, vulnerability of fused systems is considerably increased against spoofing, but their robustness is generally higher than single matcher systems. In this paper we show that robustness of a combined system is not always higher than a single system against spoof attack. We propose empirical methods for upgrading the security of multibiometric systems, which contain how to organize and select biometric traits and matchers against various possibilities of spoof attack. These methods provide considerable robustness and present an appropriate reason for using combined systems against spoof attacks.

Internet is a source of large number of electronic services (e-services). Thisimplies that, almost every human endeavor can be carried out electronically on the ... e-relationship, e-money, e-learning, in short e-life are all products supported by the Internet. ... society, time is collapsing, and distance is no longer an obstacle.

User authentication in wireless sensor networks is more difficult than in traditional networks owing to sensor network characteristics such as unreliable communication, limited resources, and unattended operation. For these reasons, various authentication schemes have been proposed to provide secure and efficient communication. In 2016, Park et al. proposed a secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks. However, we found that their scheme was still insecure against impersonation attack, and had a problem in the smart card revocation/reissue phase. In this paper, we show how an adversary can impersonate a legitimate user or sensor node, illegal smart card revocation/reissue and prove that Park et al.'s scheme fails to provide revocation/reissue. In addition, we propose an enhanced scheme that provides efficiency, as well as anonymity and security. Finally, we provide security and performance analysis between previous schemes and the proposed scheme, and provide formal analysis based on the random oracle model. The results prove that the proposed scheme can solve the weaknesses of impersonation attack and other security flaws in the security analysis section. Furthermore, performance analysis shows that the computational cost is lower than the previous scheme.

Full Text Available This work aims to develop a prototype system of centralized managing permissions based on the election multibiometric authentication. The novelty of this work is to develop the principles of distinction and multi-factor authentication, because at the moment there is no such development. Depending on various conditions and factors, including the availability of electronic means and convenience, resistance to attacks and exploits, disease or injury of users the biometricauthentication can be selected on the basis of any such biometrics as rhythm password, voice, dynamic signatures and graphics recognition.

Full Text Available Biometrics refers to the recognition of individuals based on their physiological and/or behavioral characteristics. Thebiometric traits which may be considered for the authentication of a person are face, hand geometry, finger print, vein, iris,etc. A competent selection of a sensor, its mechanism and adaptability is required, as the absence of these will leave thebiometric sensor deceptive to information sensing. Selecting a sensor for a biometric application from the large number ofavailable sensors with different technologies always brought the issue of performance and accuracy. Therefore, various errorrates and sensibility contention differentiate the available biometric sensors. This paper presents the difficulties faced in thesensor module of the biometricsystem and the incomparable alternatives on the basis of availability of information at sensormodule of the various systems.

User authentication has been widely used by biometric applications that work on unique bodily features, such as fingerprints, retina scan, and palm vessels recognition. This paper proposes a novel concept of biometricauthentication by exploiting a user's medical history. Although medical history may not be absolutely unique to every individual person, the chances of having two persons who share an exactly identical trail of medical and prognosis history are slim. Therefore, in addition to common biometric identification methods, medical history can be used as ingredients for generating Q&A challenges upon user authentication. This concept is motivated by a recent advancement on smart-card technology that future identity cards are able to carry patents' medical history like a mobile database. Privacy, however, may be a concern when medical history is used for authentication. Therefore in this paper, a new method is proposed for abstracting the medical data by using attribute value taxonomies, into a hierarchical data tree (h-Data). Questions can be abstracted to various level of resolution (hence sensitivity of private data) for use in the authentication process. The method is described and a case study is given in this paper.

Full Text Available User authentication has been widely used by biometric applications that work on unique bodily features, such as fingerprints, retina scan, and palm vessels recognition. This paper proposes a novel concept of biometricauthentication by exploiting a user’s medical history. Although medical history may not be absolutely unique to every individual person, the chances of having two persons who share an exactly identical trail of medical and prognosis history are slim. Therefore, in addition to common biometric identification methods, medical history can be used as ingredients for generating Q&A challenges upon user authentication. This concept is motivated by a recent advancement on smart-card technology that future identity cards are able to carry patents’ medical history like a mobile database. Privacy, however, may be a concern when medical history is used for authentication. Therefore in this paper, a new method is proposed for abstracting the medical data by using attribute value taxonomies, into a hierarchical data tree (h-Data. Questions can be abstracted to various level of resolution (hence sensitivity of private data for use in the authentication process. The method is described and a case study is given in this paper.

Among the most used biometric signals to set personal security permissions, taker increasingly importance biometric iris recognition based on their textures and images of blood vessels due to the rich in these two unique characteristics that are unique to each individual. This paper presents an implementation of an algorithm characterization and correlation of templates created for biometricauthentication based on iris texture analysis programmed on a FPGA (Field Programmable Gate Array), authentication is based on processes like characterization methods based on frequency analysis of the sample, and frequency correlation to obtain the expected results of authentication.

Cloud computing will be a main information infrastructure in the future; it consists of many large datacenters which are usually geographically distributed and heterogeneous. How to design a secure data access for cloud computing platform is a big challenge. In this paper, we propose a secure data...... access scheme based on identity-based encryption and biometricauthentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme include parameter setup, key...... distribution, feature template creation, cloud data processing and secure data access control. Finally, we compare the proposed scheme with other schemes through comprehensive analysis and simulation. The results show that the proposed data access scheme is feasible and secure for cloud computing....

Authentication is process of granting a user access to an information system. There are three main types of authentication mechanisms password entry smart card and biometric. Each authentication mechanism functions differently and has their strengths and weakness. In this paper we review different types of authentication mechanisms their vulnerabilities and recommend novel solutions.

Full Text Available Authentication is process of granting a user access to an information system. There are three main types of authentication mechanisms password entry smart card and biometric. Each authentication mechanism functions differently and has their strengths and weakness. In this paper we review different types of authentication mechanisms their vulnerabilities and recommend novel solutions.

Full Text Available Biometrics has developed to be one of the most relevant technologies used in Information Technology IT security. Unimodal biometricsystems have a variety of problems which decreases the performance and accuracy of these system. One way to overcome the limitations of the unimodal biometricsystems is through fusion to form a multimodal biometricsystem. Generally biometric fusion is defined as the use of multiple types of biometric data or ways of processing the data to improve the performance of biometricsystems. This paper proposes to develop a model for fusion of the face and fingerprint biometric at the match score fusion level. The face and fingerprint unimodal in the proposed model are built using scale invariant feature transform SIFT algorithm and the hamming distance to measure the distance between key points. To evaluate the performance of the multimodal system the FAR and FRR of the multimodal are compared along those of the individual unimodal systems. It has been established that the multimodal has a higher accuracy of 92.5 compared to the face unimodal system at 90 while the fingerprint unimodal system is at 82.5.

Full Text Available Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.'s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.'s protocol and existing similar protocols.

Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.’s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.’s protocol and existing similar protocols. PMID:27163786

Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.'s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.'s protocol and existing similar protocols.

Full Text Available Biometric recognition offers a reliable solution to the problem of user authentication in identity management systems. With the widespread deployment of biometricsystems in various applications, there are increasing concerns about the security and privacy of biometric technology. Public acceptance of biometrics technology will depend on the ability of system designers to demonstrate that these systems are robust, have low error rates, and are tamper proof. We present a high-level categorization of the various vulnerabilities of a biometricsystem and discuss countermeasures that have been proposed to address these vulnerabilities. In particular, we focus on biometric template security which is an important issue because, unlike passwords and tokens, compromised biometric templates cannot be revoked and reissued. Protecting the template is a challenging task due to intrauser variability in the acquired biometric traits. We present an overview of various biometric template protection schemes and discuss their advantages and limitations in terms of security, revocability, and impact on matching accuracy. A template protection scheme with provable security and acceptable recognition performance has thus far remained elusive. Development of such a scheme is crucial as biometricsystems are beginning to proliferate into the core physical and information infrastructure of our society.

In this thesis both the generation of secret keys from biometric data and the binding of secret keys to biometric data are investigated. These secret keys can be used to regulate access to sensitive data, services, and environments. In a biometric secrecy system a secret key is generated or chosen

Biometrics is increasingly applied in IT (biometric methods today generally use computer technology), mostly used to authenticate users. The aim of this thesis is to describe and compare two selected biometric methods. These methods are fingerprints and scanning of human face. The contribution of this work is to provide information on biometric identification methods, their advantages and disadvantages, and deployment options. If an organization decides to strengthen their security systems wi...

Fingerprints are likely the most widely used biometric in commercial as well as law enforcement applications. With the expected rapid growth of fingerprint authentication in mobile devices their importance justifies increased demands for dependability. An increasing number of new sensors,applications and a diverse user population also intensify concerns about the interoperability in fingerprint authentication. In most applications, fingerprints captured for user enrollment with one device may...

Security and privacy are among the most crucial issues for data transmission in telemedicine systems. This paper proposes a solution for securing wireless data transmission in telemedicine systems, i.e. within a body sensor network (BSN), between the BSN and server as well as between the server and professionals who have assess to the server. A unique feature of this solution is the generation of random keys by physiological data (i.e. a biometric approach) for securing communication at all 3 levels. In the performance analysis, inter-pulse interval of photoplethysmogram is used as an example to generate these biometric keys to protect wireless data transmission. The results of statistical analysis and computational complexity suggest that this type of key is random enough to make telemedicine systems resistant to attacks.

We present a system for secure identification applications that is based upon biometric-like MEMS chips. The MEMS chips have unique frequency signatures resulting from fabrication process variations. The MEMS chips possess something analogous to a "voiceprint". The chips are vacuum encapsulated, rugged, and suitable for low-cost, highvolume mass production. Furthermore, the fabrication process is fully integrated with standard CMOS fabrication methods. One is able to operate the MEMS-based identification system similarly to a conventional RFID system: the reader (essentially a custom network analyzer) detects the power reflected across a frequency spectrum from a MEMS chip in its vicinity. We demonstrate prototype "tags" - MEMS chips placed on a credit card-like substrate - to show how the system could be used in standard identification or authentication applications. We have integrated power scavenging to provide DC bias for the MEMS chips through the use of a 915 MHz source in the reader and a RF-DC conversion circuit on the tag. The system enables a high level of protection against typical RFID hacking attacks. There is no need for signal encryption, so back-end infrastructure is minimal. We believe this system would make a viable low-cost, high-security system for a variety of identification and authentication applications.

Biometric as the science of recognizing an individual based on his or her physical or behavioral traits, it is beginning to gain acceptance as a legitimate method for determining an individual identity.Biometric have now been deployed in various commercial, civilian, and national security applications. Biometric described overview of various biometric techniques and the need to be addressed form making biometric technology an effective tool for providing information security.

Full Text Available Recently, automatic diagnosis of diabetic retinopathy (DR from the retinal image is the most significant research topic in the medical applications. Diabetic macular edema (DME is the major reason for the loss of vision in patients suffering from DR. Early identification of the DR enables to prevent the vision loss and encourage diabetic control activities. Many techniques are developed to diagnose the DR. The major drawbacks of the existing techniques are low accuracy and high time complexity. To overcome these issues, this paper proposes an enhanced particle swarm optimization-differential evolution feature selection (PSO-DEFS based feature selection approach with biometricauthentication for the identification of DR. Initially, a hybrid median filter (HMF is used for pre-processing the input images. Then, the pre-processed images are embedded with each other by using least significant bit (LSB for authentication purpose. Simultaneously, the image features are extracted using convoluted local tetra pattern (CLTrP and Tamura features. Feature selection is performed using PSO-DEFS and PSO-gravitational search algorithm (PSO-GSA to reduce time complexity. Based on some performance metrics, the PSO-DEFS is chosen as a better choice for feature selection. The feature selection is performed based on the fitness value. A multi-relevance vector machine (M-RVM is introduced to classify the 13 normal and 62 abnormal images among 75 images from 60 patients. Finally, the DR patients are further classified by M-RVM. The experimental results exhibit that the proposed approach achieves better accuracy, sensitivity, and specificity than the existing techniques.

Full Text Available As new technology enables firms to perform many daily processes easier the need of authentication and authorization process is becoming an integral part of many businesses. Also mobile applications are very popular nowadays play an important role in our lives. Such demands are not only limited to Logistics Information Systems (LIS but many field of information system as well. In this study multi-dimensional authentication which consist of online biometric face detection integrated as cloud computing software as a Service (SaaS, Near Field Communication (NFC card authentication, location confirmation, and temporal data confirmation are gathered together to fulfill different scenarios of authentication needs of business. Microsoft Face API (Application Program Interface, SAAS (software as a service has been used in face recognition module of developed mobile application. The face recognition module of the mobile application has been tested with Yale Face Database. Location, temporal data and NFC card information are collected and confirmed by the mobile application for authentication and authorization. These images were tested with our facial recognition module and confusion matrices were created. The accuracy of the system after the facial recognition test was found to be 100%. NFC card, location and temporal data authentication not only further increases security level but also fulfils many business authentication scenarios successfully. To the best of our knowledge there is no other authentication model other than implemented one that has a-4-factor confirmation including biometric face identification, NFC card authentication, location confirmation and temporal data confirmation.

This paper presents the International Standard ISO 24745 as a potential security tool for biometric information protection, more precisely as a tool for privacy protection in biometricsystems. This is one of the latest internationally accepted standards that address the security issues of biometricsystems.

The main objective of this PhD Thesis is the specification of formal evaluation methodologies for testing the security level achieved by biometricsystems when these are working under specific contour conditions. This analysis is conducted through the calculation of the basic technical biometricsystem performance and its possible variations. To that end, the next two relevant contributions have been developed. The first contribution is the definition of two independent biometric performance ...

Dec 1, 2016 ... Basic Multi-biometricAuthenticationSystem was thought to have sealed the vulnerabilities ..... action of a real physical human being and not from a pattern ... of authentication is referred to as multi-biometric fusion, and such a ...

Fingerprint verification is one of the most reliable personal identification methods. However, most of the automatic fingerprint identification system (AFIS) is not run via Internet/Intranet environment to meet today's increasing Electric commerce requirements. This paper describes the design and implementation of the archetype system of identity authentication based on fingerprint biometrics technology, and the system can run via Internet environment. And in our system the COM and ASP technology are used to integrate Fingerprint technology with Web database technology, The Fingerprint image preprocessing algorithms are programmed into COM, which deployed on the internet information server. The system's design and structure are proposed, and the key points are discussed. The prototype system of identity authentication based on Fingerprint have been successfully tested and evaluated on our university's distant education applications in an internet environment.

Recently, considerable attention has been devoted to distributed systems. It has become obvious that a high security level should be a fundamental prerequisite for organisations' processes, both in the commercial and public sectors. A crucial foundation for securing a network is the ability to reliably authenticate ommunication parties. However, these systems face some critical security risks and challenges when they attempt to stabilise between security, efficiency and functionality. Develop...

Cryptographic frameworks depend on key sharing for ensuring security of data. While the keys in cryptographic frameworks must be correctly reproducible and not unequivocally connected to the identity of a user, in biometric frameworks this is different. Joining cryptography techniques with biometrics can solve these issues. We present a biometricauthentication method based on the discrete logarithm problem and Bose-Chaudhuri-Hocquenghem (BCH) codes, perform its security analysis, and demonstrate its security characteristics. We evaluate a biometric cryptosystem using our own dataset of electroencephalography (EEG) data collected from 42 subjects. The experimental results show that the described biometric user authenticationsystem is effective, achieving an Equal Error Rate (ERR) of 0.024.

In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user's management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.'s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.'s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.'s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties.

In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user’s management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.’s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.’s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.’s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties. PMID:26709702

Currently addressing problems related to security in access control, as a consequence, have been developed applications that work under unique characteristics in individuals, such as biometric features. In the world becomes important working with biometric images such as the liveliness of the iris which are for both the pattern of retinal images as your blood vessels. This paper presents an implementation of an algorithm for creating templates for biometricauthentication with ocular features for FPGA, in which the object of study is that the texture pattern of iris is unique to each individual. The authentication will be based in processes such as edge extraction methods, segmentation principle of John Daugman and Libor Masek's, and standardization to obtain necessary templates for the search of matches in a database and then get the expected results of authentication.

Currently addressing problems related to security in access control, as a consequence, have been developed applications that work under unique characteristics in individuals, such as biometric features. In the world becomes important working with biometric images such as the liveliness of the iris which are for both the pattern of retinal images as your blood vessels. This paper presents an implementation of an algorithm for creating templates for biometricauthentication with ocular features for FPGA, in which the object of study is that the texture pattern of iris is unique to each individual. The authentication will be based in processes such as edge extraction methods, segmentation principle of John Daugman and Libor Masek's, and standardization to obtain necessary templates for the search of matches in a database and then get the expected results of authentication.

Sandia National Laboratories developed an Authenticated Secure Container System (ASCS) for the International Atomic Energy Agency (IAEA). Agency standard weights and safeguards samples can be stored in the ASCS to provide continuity of knowledge. The ASCS consists of an optically clear cover, a base containing the Authenticated Item Monitoring System (AIMS) transmitter, and the AIMS receiver unit for data collection. The ASCS will provide the Inspector with information concerning the status of the system, during a surveillance period, such as state of health, tampering attempts, and movement of the container system. The secure container is located inside a Glove Box with the receiver located remotely from the Glove Box. AIMS technology uses rf transmission from the secure container to the receiver to provide a record of state of health and tampering. The data is stored in the receiver for analysis by the Inspector during a future inspection visit. 2 refs

Full Text Available The recent years have seen a rise in the number of cases of cyber-crime committed through identity theft and fraud. To address this problem, this paper uses adaptive neural-fuzzy inference system, fuzzy logic and artificial neural network to implement a multifactor authenticationsystem through a technique of information fusion. To begin with, the identity attributes are mined using the three corpora from three major sources namely the social networks, a set of questionnaires and application forms from the various services offered both in the real and cyberspace. The statistical information generated by the corpora is then used to compose an identity attribute metric model. The composed identity attributes metrics values classified as biometrics, device metrics and pseudo metrics are then fused at the score level through a technique of information fusion in a multifactor authenticationsystem by using each of the above artificial intelligence technologies and the results compared.

Recently several authentication schemes are proposed for telecare medicine information system (TMIS). Many of such schemes are proved to have weaknesses against known attacks. Furthermore, numerous such schemes cannot be used in real time scenarios. Because they assume a single server for authentication across the globe. Very recently, Amin et al. (J. Med. Syst. 39(11):180, 2015) designed an authentication scheme for secure communication between a patient and a medical practitioner using a trusted central medical server. They claimed their scheme to extend all security requirements and emphasized the efficiency of their scheme. However, the analysis in this article proves that the scheme designed by Amin et al. is vulnerable to stolen smart card and stolen verifier attacks. Furthermore, their scheme is having scalability issues along with inefficient password change and password recovery phases. Then we propose an improved scheme. The proposed scheme is more practical, secure and lightweight than Amin et al.'s scheme. The security of proposed scheme is proved using the popular automated tool ProVerif.

Information fusion in biometrics has received considerable attention. This paper focuses on the application of information fusion techniques in iris recognition. To improve the reliability and accuracy of personal identification based on the iris pattern, this paper proposes the schemes of multialgorithmic fusion and multiinstance fusion. Multialgorithmic fusion integrates the improved phase algorithm and the DCT-based algorithm, and multiinstance fusion combines information from the left iris and the right iris of an individual. Both multialgorithmic fusion and multiinstance fusion are carried out at the matching score level and the support vector machine (SVM)-based fusion rule is utilized to generate fused scores for final decision. The experimental results on the noisy iris database UBIRIS demonstrate that the proposed fusion schemes can perform better than the single recognition systems, and further prove that information fusion techniques are feasible and effective to improve the accuracy and robustness of iris recognition especially under noisy conditions

Biometric recognition is currently implemented in several authentication contexts, most recently in mobile devices where it is expected to complement or even replace traditional authentication modalities such as PIN (Personal Identification Number) or passwords. The assumed convenience characteristics of biometrics are transparency, reliability and ease-of-use, however, the question of whether biometric recognition is as intuitive and straightforward to use is open to debate. Can biometricsystems make some tasks easier for people with accessibility concerns? To investigate this question, an accessibility evaluation of a mobile app was conducted where test subjects withdraw money from a fictitious ATM (Automated Teller Machine) scenario. The biometricauthentication mechanisms used include face, voice, and fingerprint. Furthermore, we employed traditional modalities of PIN and pattern in order to check if biometric recognition is indeed a real improvement. The trial test subjects within this work were people with real-life accessibility concerns. A group of people without accessibility concerns also participated, providing a baseline performance. Experimental results are presented concerning performance, HCI (Human-Computer Interaction) and accessibility, grouped according to category of accessibility concern. Our results reveal links between individual modalities and user category establishing guidelines for future accessible biometric products.

Biometric recognition is currently implemented in several authentication contexts, most recently in mobile devices where it is expected to complement or even replace traditional authentication modalities such as PIN (Personal Identification Number) or passwords. The assumed convenience characteristics of biometrics are transparency, reliability and ease-of-use, however, the question of whether biometric recognition is as intuitive and straightforward to use is open to debate. Can biometricsystems make some tasks easier for people with accessibility concerns? To investigate this question, an accessibility evaluation of a mobile app was conducted where test subjects withdraw money from a fictitious ATM (Automated Teller Machine) scenario. The biometricauthentication mechanisms used include face, voice, and fingerprint. Furthermore, we employed traditional modalities of PIN and pattern in order to check if biometric recognition is indeed a real improvement. The trial test subjects within this work were people with real-life accessibility concerns. A group of people without accessibility concerns also participated, providing a baseline performance. Experimental results are presented concerning performance, HCI (Human-Computer Interaction) and accessibility, grouped according to category of accessibility concern. Our results reveal links between individual modalities and user category establishing guidelines for future accessible biometric products. PMID:29565989

Full Text Available Biometric recognition is currently implemented in several authentication contexts, most recently in mobile devices where it is expected to complement or even replace traditional authentication modalities such as PIN (Personal Identification Number or passwords. The assumed convenience characteristics of biometrics are transparency, reliability and ease-of-use, however, the question of whether biometric recognition is as intuitive and straightforward to use is open to debate. Can biometricsystems make some tasks easier for people with accessibility concerns? To investigate this question, an accessibility evaluation of a mobile app was conducted where test subjects withdraw money from a fictitious ATM (Automated Teller Machine scenario. The biometricauthentication mechanisms used include face, voice, and fingerprint. Furthermore, we employed traditional modalities of PIN and pattern in order to check if biometric recognition is indeed a real improvement. The trial test subjects within this work were people with real-life accessibility concerns. A group of people without accessibility concerns also participated, providing a baseline performance. Experimental results are presented concerning performance, HCI (Human-Computer Interaction and accessibility, grouped according to category of accessibility concern. Our results reveal links between individual modalities and user category establishing guidelines for future accessible biometric products.

The electroencephalogram (EEG) signal represents a subject's specific brain activity patterns and is considered as an ideal biometric given its superior forgery prevention. However, the accuracy and stability of the current EEG-based person authenticationsystems are still unsatisfactory in practical application. In this paper, a multi-task EEG-based person authenticationsystem combining eye blinking is proposed, which can achieve high precision and robustness. Firstly, we design a novel EEG-based biometric evoked paradigm using self- or non-self-face rapid serial visual presentation (RSVP). The designed paradigm could obtain a distinct and stable biometric trait from EEG with a lower time cost. Secondly, the event-related potential (ERP) features and morphological features are extracted from EEG signals and eye blinking signals, respectively. Thirdly, convolutional neural network and back propagation neural network are severally designed to gain the score estimation of EEG features and eye blinking features. Finally, a score fusion technology based on least square method is proposed to get the final estimation score. The performance of multi-task authenticationsystem is improved significantly compared to the system using EEG only, with an increasing average accuracy from 92.4% to 97.6%. Moreover, open-set authentication tests for additional imposters and permanence tests for users are conducted to simulate the practical scenarios, which have never been employed in previous EEG-based person authenticationsystems. A mean false accepted rate (FAR) of 3.90% and a mean false rejected rate (FRR) of 3.87% are accomplished in open-set authentication tests and permanence tests, respectively, which illustrate the open-set authentication and permanence capability of our systems.

In three-party password authenticated key exchange (AKE) protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password-based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well-organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency. (paper)

In three-party password authenticated key exchange (AKE) protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password-based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well-organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency. Project supported by the Natural Science Foundation of Zhejiang Province, China (Grant No. LZ12F02005), the Major State Basic Research Development Program of China (Grant No. 2013CB834205), and the National Natural Science Foundation of China (Grant No. 61070153).

In this chapter we investigate biometric key-binding systems for i.i.d. Gaussian biometric sources. In these systems two terminals observe two correlated biometric sequences. Moreover, a secret key, which is independent of the biometric sequences, is selected at the first terminal. The first

Full Text Available The increasing popularity of biometrics and cryptography is driven by the widespread stipulation on information security. Abundant efforts have been made in developing successful methods in these areas in order to accomplish an enhanced level of information security. There are two dominant issues in information security enhancement. One is to defend the user ownership and control the access to information by authenticating an individual’s identity. The other is to make sure the privacy and integrity of information and to secure communication. Cryptography is the science of writing in secret code. Secret-key cryptography and public-key cryptography are the two most important cryptographic architectures. The security of a cryptographic system is reliant on the secrecy of the cryptographic key. Biometricauthentication or simply biometrics refers to establishing automatic personal recognition based on the physical and behavioral characteristics of an individual (e.g. face, voice, fingerprint, gait, hand geometry, iris, gene, etc.. Biometrics offers superior security and easier than traditional identity authenticationsystems (based on passwords and cryptographic keys.Since biometrics characteristics are naturally related with a particular individual, making them insusceptible to being stolen, forgotten, lost or attached. This paper presents a survey on various techniques proposed earlier in developing an authenticationsystem for ensuring individual’s information security by combining biometric characteristics of that particular individual and the cryptographic techniques. In addition, it provides some fundamental idea for future research that may help in eliminating the problems associated with the present authenticationsystems.

With their increasing popularity in cryptosystems, biometrics have attracted more and more attention from the information security community. However, how to handle the relevant privacy concerns remains to be troublesome. In this paper, we propose a novel security model to formalize the privacy

Embodiments of the present invention are directed toward authenticationsystems, devices, and methods. Obfuscated executable instructions may encode an authentication procedure and protect an authentication key. The obfuscated executable instructions may require communication with a remote certifying authority for operation. In this manner, security may be controlled by the certifying authority without regard to the security of the electronic device running the obfuscated executable instructions.

We study the problem of authenticated storage, where we wish to construct protocols that allow to outsource any complex file system to an untrusted server and yet ensure the file-system's integrity. We introduce Athos, a new, platform-independent and user-transparent architecture for authenticated...

Full Text Available The research progress of encryption technologies based on human biometrics is reviewed in this paper.The technologies that utilize human biometrics to make information encryption and identity authentication,and the technologies which combine biometrics encryption with optical encryption methods are introduced in detail.The advantages and disadvantages of these encryption systems are discussed,and the obstacles in practical applications are pointed out.Finally,the prospect of the new encryption technologies that are based on human biometrics are predicted.

Full Text Available The article considers the possibility of using biometricauthentication methods for mobile devices. The implementation of keystroke dynamics-based authenticationsystem is presented. Testing process and results are described.

Biometricsystems refer to biometric technologies which can be used to achieve authentication. Unlike cryptography-based technologies, the ratio for certification in biometricsystems needs not to achieve 100% accuracy. However, biometric data can only be directly compared through proximal access to the scanning device and cannot be combined with cryptographic techniques. Moreover, repeated use, improper storage, or transmission leaks may compromise security. Prior studies have attempted to c...

Biometric technologies composed of electro-optical/infrared (EO/IR) sensor systems and advanced matching algorithms are being used in various force protection/security and tactical surveillance applications. To date, most of these sensor systems have been widely used in controlled conditions with varying success (e.g., short range, uniform illumination, cooperative subjects). However the limiting conditions of such systems have yet to be fully studied for long range applications and degraded imaging environments. Biometric technologies used for long range applications will invariably suffer from the effects of atmospheric turbulence degradation. Atmospheric turbulence causes blur, distortion and intensity fluctuations that can severely degrade image quality of electro-optic and thermal imaging systems and, for the case of biometrics technology, translate to poor matching algorithm performance. In this paper, we evaluate the effects of atmospheric turbulence and sensor resolution on biometric matching algorithm performance. We use a subset of the Facial Recognition Technology (FERET) database and a commercial algorithm to analyze facial recognition performance on turbulence degraded facial images. The goal of this work is to understand the feasibility of long-range facial recognition in degraded imaging conditions, and the utility of camera parameter trade studies to enable the design of the next generation biometrics sensor systems.

As organization search more secure authentication method for user access, biometric security technology is gaining more and more attention. The implementation of biometric security technology in accounting information systems was physical access, virtual access, e-commerce applications and covert suveillance. There are three phase when an organization implementation biometric technology: strategic planning and budgeting, developing a system reliability plan and documentation. The challenges w...

As organization search more secure authentication method for user access, biometric security technology is gaining more and more attention. The implementation of biometric security technology in accounting information systems was physical access, virtual access, e-commerce applications and covert suveillance. There are three phase when an organization implementation biometric technology: strategic planning and budgeting, developing a system reliability plan and documentation. The challenges w...

The issue of secure online transactions is of almost importance in the present day world of Internet based commercial applications. Accurate authentication of a person before he or she is allowed to use a resource is very important. On the other hand biometrics is fast developing as a reliable and accurate system for person identification. Biometrics can be the answer to most of the security related problems of the online commercial world. Finger based matching and authenticationsystems are one of the most reliable systems that can be used for security applications. In this paper, we present a detailed description and implementation procedure for a fingerprint based matching and authenticationsystem using Filterbank approach. The algorithm has been found to give good performance for low quality images. (author)

The book presents three most significant areas in Biometrics and Pattern Recognition. A step-by-step approach for design and implementation of Dual Tree Complex Wavelet Transform (DTCWT) plus Rotated Complex Wavelet Filters (RCWF) is discussed in detail. In addition to the above, the book provides detailed analysis of iris images and two methods of iris segmentation. It also discusses simplified study of some subspace-based methods and distance measures for iris recognition backed by empirical studies and statistical success verifications.

The continuous dependence on electronic media has radically changed our interactions, many of which are now performed online. In many occasions users need to authenticate to remote machines, but the hostile environment of the Internet may severely expose users and service providers. To counter these

from the sensor) as a second-tier authentication is problematic because the monitored data are often pathological (i.e. revealing disease symptoms...Standards and Technology, March 2006. 17. Tan B and Schuckers S. Liveness detection for fingerprint scanners based on the statistics of wavelet signal

The development of biometricsystems is one of the labor-intensive processes. Therefore, the creation and analysis of approaches and techniques is an urgent task at present. This article presents a technique of modeling and prototyping biometricsystems based on dataflow programming. The technique includes three main stages: the development of functional blocks, the creation of a dataflow graph and the generation of a prototype. A specially developed software modeling environment that implements this technique is described. As an example of the use of this technique, an example of the implementation of the iris localization subsystem is demonstrated. A variant of modification of dataflow programming is suggested to solve the problem related to the undefined order of block activation. The main advantage of the presented technique is the ability to visually display and design the model of the biometricsystem, the rapid creation of a working prototype and the reuse of the previously developed functional blocks.

Biometric is the science of human recognition based upon using their biological, chemical or behavioural traits. These systems are used in many real life applications simply from biometric based attendance system to providing security at very sophisticated level. A biometricsystem deals with raw data captured using a sensor and feature template extracted from raw image. One of the challenges being faced by designers of these systems is to secure template data extracted from the biometric mod...

The study was about the design and development of Biometric Traffic Offence System (BTOS) that would ease storage and retrieval of traffic offence cases in the Federal Road Safety Commission (FRSC) and the Traffic department of Nigeria Police force. The method used to manage traffic cases is manual; information ...

We study two-stage search procedures for biometric identification systems in an information-theoretical setting. Our main conclusion is that clustering based on vector-quantization achieves the optimum trade-off between the number of clusters (cluster rate) and the number of individuals within a

Biometricsystems refer to biometric technologies which can be used to achieve authentication. Unlike cryptography-based technologies, the ratio for certification in biometricsystems needs not to achieve 100% accuracy. However, biometric data can only be directly compared through proximal access to the scanning device and cannot be combined with cryptographic techniques. Moreover, repeated use, improper storage, or transmission leaks may compromise security. Prior studies have attempted to combine cryptography and biometrics, but these methods require the synchronization of internal systems and are vulnerable to power analysis attacks, fault-based cryptanalysis, and replay attacks. This paper presents a new secure cryptographic authentication method using biometric features. The proposed system combines the advantages of biometric identification and cryptographic techniques. By adding a subsystem to existing biometric recognition systems, we can simultaneously achieve the security of cryptographic technology and the error tolerance of biometric recognition. This method can be used for biometric data encryption, signatures, and other types of cryptographic computation. The method offers a high degree of security with protection against power analysis attacks, fault-based cryptanalysis, and replay attacks. Moreover, it can be used to improve the confidentiality of biological data storage and biodata identification processes. Remote biometricauthentication can also be safely applied.

Full Text Available Biometricsystems refer to biometric technologies which can be used to achieve authentication. Unlike cryptography-based technologies, the ratio for certification in biometricsystems needs not to achieve 100% accuracy. However, biometric data can only be directly compared through proximal access to the scanning device and cannot be combined with cryptographic techniques. Moreover, repeated use, improper storage, or transmission leaks may compromise security. Prior studies have attempted to combine cryptography and biometrics, but these methods require the synchronization of internal systems and are vulnerable to power analysis attacks, fault-based cryptanalysis, and replay attacks. This paper presents a new secure cryptographic authentication method using biometric features. The proposed system combines the advantages of biometric identification and cryptographic techniques. By adding a subsystem to existing biometric recognition systems, we can simultaneously achieve the security of cryptographic technology and the error tolerance of biometric recognition. This method can be used for biometric data encryption, signatures, and other types of cryptographic computation. The method offers a high degree of security with protection against power analysis attacks, fault-based cryptanalysis, and replay attacks. Moreover, it can be used to improve the confidentiality of biological data storage and biodata identification processes. Remote biometricauthentication can also be safely applied.

Full Text Available On the basis of an acoustic biometricsystem that captures 16 acoustic images of a person for 4 frequencies and 4 positions, a study was carried out to improve the performance of the system. On a first stage, an analysis to determine which images provide more information to the system was carried out showing that a set of 12 images allows the system to obtain results that are equivalent to using all of the 16 images. Finally, optimization techniques were used to obtain the set of weights associated with each acoustic image that maximizes the performance of the biometricsystem. These results improve significantly the performance of the preliminary system, while reducing the time of acquisition and computational burden, since the number of acoustic images was reduced.

On the basis of an acoustic biometricsystem that captures 16 acoustic images of a person for 4 frequencies and 4 positions, a study was carried out to improve the performance of the system. On a first stage, an analysis to determine which images provide more information to the system was carried out showing that a set of 12 images allows the system to obtain results that are equivalent to using all of the 16 images. Finally, optimization techniques were used to obtain the set of weights associated with each acoustic image that maximizes the performance of the biometricsystem. These results improve significantly the performance of the preliminary system, while reducing the time of acquisition and computational burden, since the number of acoustic images was reduced. PMID:24616643

User authentication is one of the most important part of information security. Computer security most commonly depends on passwords to authenticate human users. Password authenticationsystems will be either been usable but not secure, or secure but not usable. While there are different types of authenticationsystems available alphanumeric password is the most commonly used authentication mechanism. But this method has significant drawbacks. An alternative solution to the text based authenti...

Full Text Available Electrocardiogram signals acquired through a steering wheel could be the key to seamless, highly comfortable, and continuous human recognition in driving settings. This paper focuses on the enhancement of the unprecedented lesser quality of such signals, through the combination of Savitzky-Golay and moving average filters, followed by outlier detection and removal based on normalised cross-correlation and clustering, which was able to render ensemble heartbeats of significantly higher quality. Discrete Cosine Transform (DCT and Haar transform features were extracted and fed to decision methods based on Support Vector Machines (SVM, k-Nearest Neighbours (kNN, Multilayer Perceptrons (MLP, and Gaussian Mixture Models - Universal Background Models (GMM-UBM classifiers, for both identification and authentication tasks. Additional techniques of user-tuned authentication and past score weighting were also studied. The method’s performance was comparable to some of the best recent state-of-the-art methods (94.9% identification rate (IDR and 2.66% authentication equal error rate (EER, despite lesser results with scarce train data (70.9% IDR and 11.8% EER. It was concluded that the method was suitable for biometric recognition with driving electrocardiogram signals, and could, with future developments, be used on a continuous system in seamless and highly noisy settings.

Electrocardiogram signals acquired through a steering wheel could be the key to seamless, highly comfortable, and continuous human recognition in driving settings. This paper focuses on the enhancement of the unprecedented lesser quality of such signals, through the combination of Savitzky-Golay and moving average filters, followed by outlier detection and removal based on normalised cross-correlation and clustering, which was able to render ensemble heartbeats of significantly higher quality. Discrete Cosine Transform (DCT) and Haar transform features were extracted and fed to decision methods based on Support Vector Machines (SVM), k-Nearest Neighbours (kNN), Multilayer Perceptrons (MLP), and Gaussian Mixture Models - Universal Background Models (GMM-UBM) classifiers, for both identification and authentication tasks. Additional techniques of user-tuned authentication and past score weighting were also studied. The method's performance was comparable to some of the best recent state-of-the-art methods (94.9% identification rate (IDR) and 2.66% authentication equal error rate (EER)), despite lesser results with scarce train data (70.9% IDR and 11.8% EER). It was concluded that the method was suitable for biometric recognition with driving electrocardiogram signals, and could, with future developments, be used on a continuous system in seamless and highly noisy settings.

In this paper we present a model of biometric identification system transformed into Petri Nets. Petri Nets, as a graphical and mathematical tool, provide a uniform environment for modelling, formal analysis, and design of discrete event systems. The main objective of this paper is to introduce the fundamental concepts of Petri Nets to the researchers and practitioners, both from identification systems, who are involved in the work in the areas of modelling and analysis of biometric identification types of systems, as well as those who may potentially be involved in these areas. In addition, the paper introduces high-level Petri Nets, as Colored Petri Nets (CPN). In this paper the model of Colored Petri Net describes the identification process much simpler.

This paper presents a multimodal biometric identification system based on the features of the human hand. We describe a new biometric approach to personal identification using eigenfinger and eigenpalm features, with fusion applied at the matching-score level. The identification process can be divided into the following phases: capturing the image; preprocessing; extracting and normalizing the palm and strip-like finger subimages; extracting the eigenpalm and eigenfinger features based on the K-L transform; matching and fusion; and, finally, a decision based on the (k, l)-NN classifier and thresholding. The system was tested on a database of 237 people (1,820 hand images). The experimental results showed the effectiveness of the system in terms of the recognition rate (100 percent), the equal error rate (EER = 0.58 percent), and the total error rate (TER = 0.72 percent).

In the application domain of electronic commerce, biometricauthentication can provide one possible solution for the key management problem. Besides server-based approaches, methods of deriving digital keys directly from biometric measures appear to be advantageous. In this paper, we analyze one of our recently published specific algorithms of this category based on behavioral biometrics of handwriting, the biometric hash. Our interest is to investigate to which degree each of the underlying feature parameters contributes to the overall intrapersonal stability and interpersonal value space. We will briefly discuss related work in feature evaluation and introduce a new methodology based on three components: the intrapersonal scatter (deviation), the interpersonal entropy, and the correlation between both measures. Evaluation of the technique is presented based on two data sets of different size. The method presented will allow determination of effects of parameterization of the biometricsystem, estimation of value space boundaries, and comparison with other feature selection approaches.

Full Text Available In the application domain of electronic commerce, biometricauthentication can provide one possible solution for the key management problem. Besides server-based approaches, methods of deriving digital keys directly from biometric measures appear to be advantageous. In this paper, we analyze one of our recently published specific algorithms of this category based on behavioral biometrics of handwriting, the biometric hash. Our interest is to investigate to which degree each of the underlying feature parameters contributes to the overall intrapersonal stability and interpersonal value space. We will briefly discuss related work in feature evaluation and introduce a new methodology based on three components: the intrapersonal scatter (deviation, the interpersonal entropy, and the correlation between both measures. Evaluation of the technique is presented based on two data sets of different size. The method presented will allow determination of effects of parameterization of the biometricsystem, estimation of value space boundaries, and comparison with other feature selection approaches.

An acoustic electronic scanning array for acquiring images from a person using a biometric application is developed. Based on pulse-echo techniques, multifrequency acoustic images are obtained for a set of positions of a person (front, front with arms outstretched, back and side). Two Uniform Linear Arrays (ULA) with 15 λ/2-equispaced sensors have been employed, using different spatial apertures in order to reduce sidelobe levels. Working frequencies have been designed on the basis of the main lobe width, the grating lobe levels and the frequency responses of people and sensors. For a case-study with 10 people, the acoustic profiles, formed by all images acquired, are evaluated and compared in a mean square error sense. Finally, system performance, using False Match Rate (FMR)/False Non-Match Rate (FNMR) parameters and the Receiver Operating Characteristic (ROC) curve, is evaluated. On the basis of the obtained results, this system could be used for biometric applications. PMID:22163708

Full Text Available An acoustic electronic scanning array for acquiring images from a person using a biometric application is developed. Based on pulse-echo techniques, multifrequency acoustic images are obtained for a set of positions of a person (front, front with arms outstretched, back and side. Two Uniform Linear Arrays (ULA with 15 l/2-equispaced sensors have been employed, using different spatial apertures in order to reduce sidelobe levels. Working frequencies have been designed on the basis of the main lobe width, the grating lobe levels and the frequency responses of people and sensors. For a case-study with 10 people, the acoustic profiles, formed by all images acquired, are evaluated and compared in a mean square error sense. Finally, system performance, using False Match Rate (FMR/False Non-Match Rate (FNMR parameters and the Receiver Operating Characteristic (ROC curve, is evaluated. On the basis of the obtained results, this system could be used for biometric applications.

Full Text Available Autopoietic theory which represents a framework for describing complex non-linear and especially living systems is described in a context of biometric characteristics. It is argued that any living system by performing an internal process of reproducing its structural components yields physical biometric characteristics. Likewise any living system when structurally coupling to another (eventually allopoietic system yields a behavioral or psychological characteristic of the living system. It is shown that any system that can be considered as autopoietic can potentially be measured, authenticated and/or identified using adequate biometric methods, and thus biometrics is applicable to any autopoietic system: living beings, groups of living beings, social systems, organizations as well as information systems. In the end implications of such a conceptualization are discussed as well as possible applications.

Full Text Available ABSTRACT This article describes a computational framework which can run almost on every computer connected to an IP based network to study biometric techniques. This paper discusses with a system protecting confidential information puts strong security demands on the identification. Biometry provides us with a user-friendly method for this identification and is becoming a competitor for current identification mechanisms. The experimentation section focuses on biometric verification specifically based on fingerprints. This article should be read as a warning to those thinking of using methods of identification without first examine the technical opportunities for compromising mechanisms and the associated legal consequences. The development is based on the java language that easily improves software packages that is useful to test new control techniques.

Full Text Available We present a methodology of reliability estimation in the multimodal biometric verification scenario. Reliability estimation has shown to be an efficient and accurate way of predicting and correcting erroneous classification decisions in both unimodal (speech, face, online signature and multimodal (speech and face systems. While the initial research results indicate the high potential of the proposed methodology, the performance of the reliability estimation in a multimodal setting has not been sufficiently studied or evaluated. In this paper, we demonstrate the advantages of using the unimodal reliability information in order to perform an efficient biometric fusion of two modalities. We further show the presented method to be superior to state-of-the-art multimodal decision-level fusion schemes. The experimental evaluation presented in this paper is based on the popular benchmarking bimodal BANCA database.

In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometricsystem that can measure a user`s biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user`s private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user`s biometrics to facilitate cryptographic mechanisms.

In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometricsystem that can measure a user's biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user's private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user's biometrics to facilitate cryptographic mechanisms

A method and associated system for use of statistical parameters based on peak amplitudes and/or time interval lengths and/or depolarization-repolarization vector angles and/or depolarization-repolarization vector lengths for PQRST electrical signals associated with heart waves, to identify a person. The statistical parameters, estimated to be at least 192, serve as biometric indicia, to authenticate, or to decline to authenticate, an asserted identity of a candidate person.

We mathematically model the mammalian Visual System's (VS) capability of spotting objects. How can a hawk see a tiny running rabbit from miles above ground? How could that rabbit see the approaching hawk? This predatorprey interaction draws parallels with spotting a familiar person in a crowd. We assume that mammal eyes use peripheral vision to perceive unexpected changes from our memory, and then use our central vision (fovea) to pay attention. The difference between an image and our memory of that image is usually small, mathematically known as a 'sparse representation'. The VS communicates with the brain using a finite reservoir of neurotransmittents, which produces an on-center and thus off-surround Hubel/Wiesel Mexican hat receptive field. This is the basis of our model. This change detection mechanism could drive our attention, allowing us to hit a curveball. If we are about to hit a baseball, what information extracted by our HVS tells us where to swing? Physical human features such as faces, irises, and fingerprints have been successfully used for identification (Biometrics) for decades, recently including voice and walking style for identification from further away. Biologically, humans must use a change detection strategy to achieve an ordered sparseness and use a sigmoid threshold for noisy measurements in our Hetero-Associative Memory [HAM] classifier for fault tolerant recall. Human biometrics is dynamic, and therefore involves more than just the surface, requiring a 3 dimensional measurement (i.e. Daugman/Gabor iris features). Such a measurement can be achieved using the partial coherence of a laser's reflection from a 3-D biometric surface, creating more degrees of freedom (d.o.f.) to meet the Army's challenge of distant Biometrics. Thus, one might be able to increase the standoff loss of less distinguished degrees of freedom (DOF).

Full Text Available Individuals behave differently regarding to biometricauthenticationsystems. This fact was formalized in the literature by the concept of Biometric Menagerie, defining and labeling user groups with animal names in order to reflect their characteristics with respect to biometricsystems. This concept was illustrated for face, fingerprint, iris, and speech modalities. The present study extends the Biometric Menagerie to online signatures, by proposing a novel methodology that ties specific quality measures for signatures to categories of the Biometric Menagerie. Such measures are combined for retrieving automatically writer categories of the extended version of the Biometric Menagerie. Performance analysis with different types of classifiers shows the pertinence of our approach on the well-known MCYT-100 database.

Individuals behave differently regarding to biometricauthenticationsystems. This fact was formalized in the literature by the concept of Biometric Menagerie, defining and labeling user groups with animal names in order to reflect their characteristics with respect to biometricsystems. This concept was illustrated for face, fingerprint, iris, and speech modalities. The present study extends the Biometric Menagerie to online signatures, by proposing a novel methodology that ties specific quality measures for signatures to categories of the Biometric Menagerie. Such measures are combined for retrieving automatically writer categories of the extended version of the Biometric Menagerie. Performance analysis with different types of classifiers shows the pertinence of our approach on the well-known MCYT-100 database.

Full Text Available Biometric is the science of human recognition based upon using their biological, chemical or behavioural traits. These systems are used in many real life applications simply from biometric based attendance system to providing security at very sophisticated level. A biometricsystem deals with raw data captured using a sensor and feature template extracted from raw image. One of the challenges being faced by designers of these systems is to secure template data extracted from the biometric modalities of the user and protect the raw images. To minimize spoof attacks on biometricsystems by unauthorised users one of the solutions is to use multi-biometricsystems. Multi-modal biometricsystem works by using fusion technique to merge feature templates generated from different modalities of the human. In this work a new scheme is proposed to secure template during feature fusion level. Scheme is based on union operation of fuzzy relations of templates of modalities during fusion process of multimodal biometricsystems. This approach serves dual purpose of feature fusion as well as transformation of templates into a single secured non invertible template. The proposed technique is cancelable and experimentally tested on a bimodal biometricsystem comprising of fingerprint and hand geometry. Developed scheme removes the problem of an attacker learning the original minutia position in fingerprint and various measurements of hand geometry. Given scheme provides improved performance of the system with reduction in false accept rate and improvement in genuine accept rate.

Full Text Available This paper proposes a user authentication using personal history of each user. Here, authentication is done by giving answers to questions about the history of user's daily life. Users do not have to memorize any password, since the passwords are what users already know by experience. In addition, everyday-life experience increases day by day, and thus the question could change on every authentication trial. In this paper, a user authenticationsystem using user's e-mail history is shown as a prototype of our proposal, and some basic experiments to evaluate the availability of the system are carried out.

Biometrics verification can be efficiently used for intrusion detection and intruder identification in video surveillance systems. Biometrics techniques can be largely divided into traditional and the so-called soft biometrics. Whereas traditional biometrics deals with physical characteristics such as face features, eye iris, and fingerprints, soft biometrics is concerned with such information as gender, national origin, and height. Traditional biometrics is versatile and highly accurate. But it is very difficult to get traditional biometric data from a distance and without personal cooperation. Soft biometrics, although featuring less accuracy, can be used much more freely though. Recently, many researchers have been made on human identification using soft biometrics data collected from a distance. In this paper, we use both traditional and soft biometrics for human identification and propose a framework for solving such problems as lighting, occlusion, and shadowing. PMID:22919273

Biometrics verification can be efficiently used for intrusion detection and intruder identification in video surveillance systems. Biometrics techniques can be largely divided into traditional and the so-called soft biometrics. Whereas traditional biometrics deals with physical characteristics such as face features, eye iris, and fingerprints, soft biometrics is concerned with such information as gender, national origin, and height. Traditional biometrics is versatile and highly accurate. But it is very difficult to get traditional biometric data from a distance and without personal cooperation. Soft biometrics, although featuring less accuracy, can be used much more freely though. Recently, many researchers have been made on human identification using soft biometrics data collected from a distance. In this paper, we use both traditional and soft biometrics for human identification and propose a framework for solving such problems as lighting, occlusion, and shadowing.

Full Text Available Biometrics verification can be efficiently used for intrusion detection and intruder identification in video surveillance systems. Biometrics techniques can be largely divided into traditional and the so-called soft biometrics. Whereas traditional biometrics deals with physical characteristics such as face features, eye iris, and fingerprints, soft biometrics is concerned with such information as gender, national origin, and height. Traditional biometrics is versatile and highly accurate. But it is very difficult to get traditional biometric data from a distance and without personal cooperation. Soft biometrics, although featuring less accuracy, can be used much more freely though. Recently, many researchers have been made on human identification using soft biometrics data collected from a distance. In this paper, we use both traditional and soft biometrics for human identification and propose a framework for solving such problems as lighting, occlusion, and shadowing.

This work presents a heart sound biometricsystem based on marginal spectrum analysis, which is a new feature extraction technique for identification purposes. This heart sound identification system is comprised of signal acquisition, pre-processing, feature extraction, training, and identification. Experiments on the selection of the optimal values for the system parameters are conducted. The results indicate that the new spectrum coefficients result in a significant increase in the recognition rate of 94.40% compared with that of the traditional Fourier spectrum (84.32%) based on a database of 280 heart sounds from 40 participants. PMID:23429515

The future ofthe "secure transaction" and the success ofall undertakings that depend on absolute certainty that the individuals involved really are who and what they represent themselves to be is dependent upon the successful development of absolutely accurate, low-cost and easy-to-operate Biometric Identification Systems. Whether these transactions are political, military, financial or administrative (e.g. health cards, drivers licenses, welfare entitlement, national identification cards, credit card transactions, etc.), the need for such secure and positive identification has never been greater -and yet we are only at the beginning ofan era in which we will see the emergence and proliferation of Biometric Identification Systems in nearly every field ofhuman endeavor. Proper application ofthese systems will change the way the world operates, and that is precisely the goal ofComparator Systems Corporation. Just as with the photo-copier 40 years ago and the personal computer 20 years ago, the potential applications for positive personal identification are going to make the Biometric Identification System a commonplace component in the standard practice ofbusiness, and in interhuman relationships ofall kinds. The development of new and specific application hardware, as well as the necessary algorithms and related software required for integration into existing operating procedures and newly developed systems alike, has been a more-than-a-decade-long process at Comparator -and we are now on the verge of delivering these systems to the world markets so urgently in need of them. An individual could feel extremely confident and satisfied ifhe could present his credit, debit, or ATM card at any point of sale and, after inserting his card, could simply place his finger on a glass panel and in less than a second be positively accepted as being the person that the card purported him to be; not to mention the security and satisfaction of the vendor involved in knowing that

Full Text Available Terrorist attacks in New York City and Washington, Districtof Columbia on the morning of September 11, 2001 havechanged our lives. The secwity problem became very importantregarding all spheres of human activities. Tracking persons(employees, customers etc. in ITS (Intelligent Transport Systemis a huge problem. Biometrics offers a very good solutionfor this problem and is today maybe one of the most promisingtechniques for person's secure verification and authentication;biometricsystem also features some advantages when comparedto other security systems. When using a biometric systemone has to be careful because the functionality of a biometricapplication can be dramatically aggravated if inappropriatebiometric features are selected. Classification of biometric featureson contact and contactless, or distinction between"strong" and "soft" biometric features gives a framework for usingbiometric features, but it does not ensure that biometric featŁtres are implemented at a satisfactory level. The usage ofmultimodal or unimodal biometricsystem can significantly increasethe system security but it also opens plenty of questionslike privacy etc. This paper describes the implementation ofbiometric features which can be used in ITS, and delineates anew model of usage.

Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. R. Tolosana, R. Vera-Rodriguez, J. Ortega-Garcia and J. Fierrez, "Increasing the robustness of biometric templates for dynamic...

An overview is given of the Home of the 21st Century Laboratory. The laboratory is operated as a joint program with America-On-Line and George Washington University. The program is described with illustrations and discussion of the systems that are part of the laboratory. The concept of application for face recognition systems in the intelligent home of the future is presented and some initial approaches in using biometrics are shown. Issues of privacy and sharing of information within and outside the home are addressed. Issues include safety and security concerns vs. inappropriate observations of activities in and outside the home. Technology options currently available for application in the home are described and assessed.

Full Text Available Systems of remote education (RE are now widespread. These systems are convenient in terms of simplicity, efficiency of education, costs, opportunities to study with a teacher when you are in different parts of the globe, to attend online lectures and seminars. The information circulating in this system is a source of making money for its owner, which of course does not want the system (and the information in it to be used by not authorized users. In this article methods of authentication in such systems is discussed, because you can put a firewall, encrypt data transmissions, etc., but if there will be free access to the server, where all the information is held — it will all be useless.

... signature and encryption certificates for documents and email and to add biometricauthentication... National Archives Records Administration--Schedules for the type of record being maintained. System manager...

The identification technology based on multi-biometric can greatly improve the applicability, reliability and antifalsification. This paper presents a multi-biometricsystem bases on embedded system, which includes: three capture daughter boards are applied to obtain different biometric: one each for fingerprint, iris and vein of the back of hand; FPGA (Field Programmable Gate Array) is designed as coprocessor, which uses to configure three daughter boards on request and provides data path between DSP (digital signal processor) and daughter boards; DSP is the master processor and its functions include: control the biometric information acquisition, extracts feature as required and responsible for compare the results with the local database or data server through network communication. The advantages of this system were it can acquire three different biometric in real time, extracts complexity feature flexibly in different biometrics' raw data according to different purposes and arithmetic and network interface on the core-board will be the solution of big data scale. Because this embedded system has high stability, reliability, flexibility and fit for different data scale, it can satisfy the demand of multi-biometric recognition.

Within Smart Grid concept the flexible biometric-based module base on Principal Component Analysis (PCA) and selective Neural Network is developed. The formation of the selective Neural Network the biometric-based module uses the method which includes three main stages: preliminary processing of the image, face localization and face recognition. Experiments on the Yale face database show that (i) selective Neural Network exhibits promising classification capability for face detection, recognition problems; and (ii) the proposed biometric-based module achieves near real-time face detection, recognition speed and the competitive performance, as compared to some existing subspaces-based methods.

Full Text Available Digital image watermarking is a major domain for hiding the biometric information, in which the watermark data are made to be concealed inside a host image imposing imperceptible change in the picture. Due to the advance in digital image watermarking, the majority of research aims to make a reliable improvement in robustness to prevent the attack. The reversible invisible watermarking scheme is used for fingerprint and iris multimodal biometricsystem. A novel approach is used for fusing different biometric modalities. Individual unique modalities of fingerprint and iris biometric are extracted and fused using different fusion techniques. The performance of different fusion techniques is evaluated and the Discrete Wavelet Transform fusion method is identified as the best. Then the best fused biometric template is watermarked into a cover image. The various watermarking techniques such as the Discrete Cosine Transform (DCT, Singular Value Decomposition (SVD and Bacterial Foraging Optimization Algorithm (BFOA are implemented to the fused biometric feature image. Performance of watermarking systems is compared using different metrics. It is found that the watermarked images are found robust over different attacks and they are able to reverse the biometric template for Bacterial Foraging Optimization Algorithm (BFOA watermarking technique.

Biometric signatures for identity recognition have been practiced for centuries. Basically, the personal attributes used for a biometric identification system can be classified into two areas: one is based on physiological attributes, such as DNA, facial features, retinal vasculature, fingerprint, hand geometry, iris texture and so on; the other scenario is dependent on the individual behavioral attributes, such as signature, keystroke, voice and gait style. Among these features, iris recognition is one of the most attractive approaches due to its nature of randomness, texture stability over a life time, high entropy density and non-invasive acquisition. While the performance of iris recognition on high quality image is well investigated, not too many studies addressed that how iris recognition performs subject to non-ideal image data, especially when the data is acquired in challenging conditions, such as long working distance, dynamical movement of subjects, uncontrolled illumination conditions and so on. There are three main contributions in this paper. Firstly, the optical system parameters, such as magnification and field of view, was optimally designed through the first-order optics. Secondly, the irradiance constraints was derived by optical conservation theorem. Through the relationship between the subject and the detector, we could estimate the limitation of working distance when the camera lens and CCD sensor were known. The working distance is set to 3m in our system with pupil diameter 86mm and CCD irradiance 0.3mW/cm2. Finally, We employed a hybrid scheme combining eye tracking with pan and tilt system, wavefront coding technology, filter optimization and post signal recognition to implement a robust iris recognition system in dynamic operation. The blurred image was restored to ensure recognition accuracy over 3m working distance with 400mm focal length and aperture F/6.3 optics. The simulation result as well as experiment validates the proposed code

Full Text Available Aim of the research is to develop an anti-counterfeit consumer product authenticationsystem. The main requirements for this system are formulated, the choice of method of consumer product authentication is substantiated. The scheme of anti-counterfeit consumer product authenticationsystem is developed basing on previously proposed method of checking the QR-code integrity and authenticity. The proposed within the system consumer product authentication technology is simple, economical for implementation, does not require the external changes of product packaging, does not affect existing production process. The technology can be recommended for the use to private businesses and government institutions that are interested in the security of their products from counterfeiting, as well as tracking and removing from circulation the counterfeit consumer products.

.... According to the Strategic Services Sourcing (S3) performance work statement the purpose of the BISA is to provide a biometric base access control system that can operate in a hostile environment...

This document concentrates on the identification of a standardized assessment approach for the verification of security functionality in specific equipment, the Inspection Sampling Measurement System (ISMS) being developed for MAYAK. Specifically, an Authentication Assurance Level 3 is proposed to be reached in authenticating the ISMS

We implement a first practical holographic security system using electrical biometrics that combines optical encryption and digital holographic memory technologies. Optical information for identification includes a picture of face, a name, and a fingerprint, which has been spatially multiplexed by random phase mask used for a decryption key. For decryption in our biometric security system, a bit-error-detection method that compares the digital bit of live fingerprint with of fingerprint information extracted from hologram is used.

Reference systems and public databases are available for human biometrics, but to our knowledge nothing is available for animal biometrics. This is surprising because animals are not required to give their agreement to be in a database. This paper proposes a reference system and database for the northern leopard frog (Lithobates pipiens). Both are available for reproducible experiments. Results of both open set and closed set experiments are given.

Full Text Available Biometric data can be used as input for PKI key pair generation. The concept of not saving the private key is very appealing, but the implementation of such a system shouldn’t be rushed because it might prove less secure then current PKI infrastructure. One biometric characteristic can be easily spoofed, so it was believed that multi-modal biometrics would offer more security, because spoofing two or more biometrics would be very hard. This notion, of increased security of multi-modal biometricsystems, was disproved for authentication and matching, studies showing that not only multi-modal biometricsystems are not more secure, but they introduce additional vulnerabilities. This paper is a study on the implications of spoofing biometric data for retrieving the derived key. We demonstrate that spoofed biometrics can yield the same key, which in turn will lead an attacker to obtain the private key. A practical implementation is proposed using fingerprint and iris as biometrics and the fuzzy extractor for biometric key extraction. Our experiments show what happens when the biometric data is spoofed for both uni-modal systems and multi-modal. In case of multi-modal system tests were performed when spoofing one biometric or both. We provide detailed analysis of every scenario in regard to successful tests and overall key entropy. Our paper defines a biometric PKI scenario and an in depth security analysis for it. The analysis can be viewed as a blueprint for implementations of future similar systems, because it highlights the main security vulnerabilities for bioPKI. The analysis is not constrained to the biometric part of the system, but covers CA security, sensor security, communication interception, RSA encryption vulnerabilities regarding key entropy, and much more.

Full Text Available Implementation of keystroke dynamics in multifactor authenticationsystems is described in the article. Original access control system based on totality of matchers is presented. Testing results and useful recommendations are also adduced.

was designed on mobile android devices, but it did not provide a large choice or multiple ... password authenticationsystem android application devices. The system adds the ..... Password, Computer Science Thesis.Paper 2.Pg 5-18. 27.

Full Text Available This research proposes a multimodal multifeature biometricsystem for human recognition using two traits, that is, palmprint and iris. The purpose of this research is to analyse integration of multimodal and multifeature biometricsystem using feature level fusion to achieve better performance. The main aim of the proposed system is to increase the recognition accuracy using feature level fusion. The features at the feature level fusion are raw biometric data which contains rich information when compared to decision and matching score level fusion. Hence information fused at the feature level is expected to obtain improved recognition accuracy. However, information fused at feature level has the problem of curse in dimensionality; here PCA (principal component analysis is used to diminish the dimensionality of the feature sets as they are high dimensional. The proposed multimodal results were compared with other multimodal and monomodal approaches. Out of these comparisons, the multimodal multifeature palmprint iris fusion offers significant improvements in the accuracy of the suggested multimodal biometricsystem. The proposed algorithm is tested using created virtual multimodal database using UPOL iris database and PolyU palmprint database.

The basics of authentication are straightforward. One can prove his or her identity in three ways: (1) something one "has" (for example, a key or a birth certificate); (2) something one "knows" (such as a password); or (3) something one "is" (such as one's fingerprints, used in biometric technologies). In the world of computers and networks, the…

Authentication is based on something one knows (e.g., a password), something one has (e.g., a driver's license), or something one is (e.g., a fingerprint). The last of these refers to the use of biometrics for authentication. With the blink of an eye, the touch of a finger, or the uttering of a pass-phrase, colleges and schools can now get deadly…

Full Text Available Abstract One of the challenges facing result processing in Nigerian tertiary institutions is the problem of insecurity. Untraceable changes are made to students result and this result to various disasters such as innocent people losing their jobs since their innocence cannot be proven. Biometric based systems operate on behavioral and physiological biometric data to identify a person and grant required access to a user. Physiological characteristics such as fingerprint remains unchanged throughout an individuals life time and thus it can serve as a viable means of identifying and authenticating users who are to access a system. In this study fingerprint biometric based result processing software is developed to ensure that users are well authenticated and are made to see only what they are pre-configured to see and work with. The fingerprint authenticationsystem was developed using visual basic.net. Staff fingerprints were enrolled into the system to form a biometric template which the system validates against at every login attempt on the result processing software. The digital personal one touch ID sdk and other libraries were used in developing the authenticationsystem. The result processing software also ensures that all write transactions to the database are confirmed and identified by forcing another biometricauthentication at the point of making a write request to the web server and associated database. This ensures that the exact person initiating the transaction was the same user who logged in to the application. The users identified at login and various confirmation milestones set for write transactions are logged into a table for future reference and audit trail. Conclusively the developed system has helped to eradicate the problem of user impersonation by ensuring only authorized users are made to access the software and in-turn participate in result processing activities.

Authentication and authorisation are essential ingredients for effective protection of data in distributed information systems. Currently, they are being treated as separate components with specified input and output relations. Traditional authorisation components require all of the users’

Screen fingerprint is the new cyber biometric modality that we have proposed to measure and analyze active authentication. The screen finger ...as a new biometric modality for active authentication. Such a fingerprint is acquired by taking a screen recording of the computer being used and...extracting discriminative visual feature from the recording. 15. SUBJECT TERMS Active authentication, screen fingerprints, biometrics 16. SECURITY

Over the past two decades, there have been a lot of advances in the field of pattern analyses for biomedical signals, which have helped in both medical diagnoses and in furthering our understanding of the human body. A relatively recent area of interest is the utility of biomedical signals in the field of biometrics, i.e., for user identification. Seminal work in this domain has already been done using electrocardiograph (ECG) signals. In this paper, we discuss our ongoing work in using a relatively recent modality of biomedical signals-a cardio-synchronous waveform measured using a Radio-Frequency Impedance-Interrogation (RFII) device for the purpose of user identification. Compared to an ECG setup, this device is noninvasive and measurements can be obtained easily and quickly. Here, we discuss the feasibility of reducing the dimensions of these signals by projecting onto various subspaces while still preserving interuser discriminating information. We compare the classification performance using classical dimensionality reduction methods such as principal component analysis (PCA), independent component analysis (ICA), random projections, with more recent techniques such as K-SVD-based dictionary learning. We also report the reconstruction accuracies in these subspaces. Our results show that the dimensionality of the measured signals can be reduced by 60 fold while maintaining high user identification rates.

The Enhanced Data AuthenticationSystem (EDAS) is a secure branching concept that provides a safeguards inspectorate a copy of measurement data from operator instrumentation. Both safeguards inspector and facility operator requirements for secure branching have been established in previous work. These dictated the design and development of EDAS hardware and software. This paper presents the test plan for the EDAS prototypes, which need to demonstrate performance against the identified requirements. Sandia National Laboratories (SNL), Directorate-General for Energy (DG-Energy) in Luxembourg, and the Joint Research Centre (JRC) in Ispra will each perform different tests on the EDAS prototypes. Sandia, the developer, will perform comprehensive testing of functionality, robustness, and reliability. The JRC, as an independent technical organization, will evaluate electrical safety and other environmental factors important to facility operator acceptance. The JRC is also able to simulate field trial conditions using equipment similar to what will be used in the field trial. DG-Energy will confirm the Sandia tests and also test the interface of the EDAS prototype to the RADAR data acquisition and analysis system used by the Euratom inspectorate. The EDAS prototypes will be tested in a comprehensive field trial at the Westinghouse Springfields facility in a collaboration between Euratom inspectors and the facility operator. The field trial will support barcode and weight measurements taken related to the movements of nuclear material items entering and exiting the facility. One EDAS prototype will branch barcode scanner data, while the other will branch facility weight scale data. The branched data will be sent securely to an inspector computer, accessible to a Euratom inspector for data analysis. The field trial will test operational factors and environmental conditions. A critical outcome will be to ascertain whether the inspectorate gains an accurate picture of the

Full Text Available The intersubject dependencies of false nonmatch rates were investigated for a minutiae-based biometricauthentication process using single enrollment and verification measurements. A large number of genuine comparison scores were subjected to statistical inference tests that indicated that the number of false nonmatches depends on the subject and finger under test. This result was also observed if subjects associated with failures to enroll were excluded from the test set. The majority of the population (about 90% showed a false nonmatch rate that was considerably smaller than the average false nonmatch rate of the complete population. The remaining 10% could be characterized as “goats” due to their relatively high probability for a false nonmatch. The image quality reported by the template extraction module only weakly correlated with the genuine comparison scores. When multiple verification attempts were investigated, only a limited benefit was observed for “goats,” since the conditional probability for a false nonmatch given earlier nonsuccessful attempts increased with the number of attempts. These observations suggest that (1 there is a need for improved identification of “goats” during enrollment (e.g., using dedicated signal-driven analysis and classification methods and/or the use of multiple enrollment images and (2 there should be alternative means for identity verification in the biometricsystem under test in case of two subsequent false nonmatches.

Full Text Available Existing sustainable IT services have several problems related to user authentication such as the inefficiency of managing the system security, low security, and low usability. In this paper, we propose a Fast IDentity Online (FIDO authenticator that performs continuous authentication with implicit authentication based on user context and multimodal authentication. The proposed FIDO authenticator, a context-aware multimodal FIDO authentication (CAMFA method, combines information such as the user context, state of the mobile device, and user biometrics, then applies implicit and explicit authentication methods to meet the level of authentication required by the service provider. This reduces the user’s explicit authentication burden and continually authenticates users at risk during the session. Moreover, it is able to respond to attacks such as the theft of the authentication method or session hijacking. To study the effectiveness of CAMFA, we ran a user study by collecting data from 22 participants over 42 days of activity on a practical Android platform. The result of the user study demonstrates that the number of explicit authentication requests could be reduced by half. Based on the results of this study, an advanced user authentication that provides multimodal and continuous authentication could be applied to sustainable IT services.

Organizations are deploying wireless based online payment applications to expand their business globally, it increases the growing need of regulatory requirements for the protection of confidential data, and especially in internet based financial areas. Existing internet based authenticationsystems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. The vulnerability is that access is based on only single factor authentication which is not secure to protect user data, there is a need of multifactor authentication. This paper proposes a new protocol based on multifactor authenticationsystem that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce another security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy with in a limited resources that does not require any change in infrastructure or underline protocol of wireless network. This Protocol for Wireless Payment is extended as a two way authenticationssystem to satisfy the emerging market need of mutual authentication and also supports secure B2B communication which increases faith of the user and business organizations on wireless financial transaction using mobile devices.

Biometricsystems are gaining importance because of increased reliability for authentication and identification. A biometric recognition technique has been proposed earlier, in which biohashing code has been generated by using a joint transform correlator. The main drawback of the base biohashing method is the low performance of the technique when an "impostor" steals the pseudo-random numbers of the genuine and tries to authenticate as genuine. In the proposed technique, soft biometrics of the same person has been used to improve the discrimination between the genuine and the impostor populations. The soft biometrics are those characteristics that provide some information about the individual, but lack the distinctiveness and permanence to sufficiently differentiate between any two individuals. In the enrolment process, biohash code of the target face images has been integrated with the different soft biometrics of the same person. The obtained code has been stored for verification. In the verification process, biohash code of the face image to be verified is again diffused with the soft biometric of the person. The obtained code is matched with the stored code of the target. The receiving operating characteristic (ROC) curve and the equal error rate (EER) have been used to evaluate the performance of the technique. A detailed study has been carried out to find out the optimum values of the weighting factor for the diffusion process.

Drawing on the results of an acoustic biometricsystem based on a MSE classifier, a new biometricsystem has been implemented. This new system preprocesses acoustic images, extracts several parameters and finally classifies them, based on Support Vector Machine (SVM). The preprocessing techniques used are spatial filtering, segmentation-based on a Gaussian Mixture Model (GMM) to separate the person from the background, masking-to reduce the dimensions of images-and binarization-to reduce the size of each image. An analysis of classification error and a study of the sensitivity of the error versus the computational burden of each implemented algorithm are presented. This allows the selection of the most relevant algorithms, according to the benefits required by the system. A significant improvement of the biometricsystem has been achieved by reducing the classification error, the computational burden and the storage requirements.

licenses, credit cards, online retailers , and even military installations all rely on various methods to identify and authenticate individuals in... Malaysia ..................................................................................92 2. 2004—Pakistan and Belgium...first state to establish a national biometric screening program was Malaysia in 1998 with several others that followed suit in 2004–2006, many of which

As biometrics-based identification and identity authentication become increasingly widespread in their deployment, it becomes correspondingly important to consider more carefully issues relating to reliability, usability and inclusion. One factor which is particularly important in this context is that of the relationship between the nature of the measurements extracted from a particular biometric modality and the age of the sample donor, and the effect which age has on physiological and behavioural characteristics invoked in a biometric transaction. In Age Factors in Biometric Processing an in

In this paper, we present a new technique to obtain biometric keys by using the fingerprint of a person for an optical image encryption system. The key generation scheme uses the fingerprint biometric information in terms of the amplitude mask (AM) and the phase mask (PM) of the reconstructed fingerprint image that is implemented using the digital holographic technique. Statistical tests have been conducted to check the randomness of the fingerprint PM key that enables its usage as an image encryption key. To explore the utility of the generated biometric keys, an optical image encryption system has been further demonstrated based on the phase retrieval algorithm and the double random phase encoding scheme in which keys for the encryption are used as the AM and the PM key. The advantage associated with the proposed scheme is that the biometric keys’ retrieval requires the simultaneous presence of the fingerprint hologram and the correct knowledge of the reconstruction parameters at the decryption stage, which not only verifies the authenticity of the person but also protects the valuable fingerprint biometric features of the keys. Numerical results are carried out to prove the feasibility and the effectiveness of the proposed encryption system.

Traditional biometric recognition systems rely on a single biometric signature for authentication. While the advantage of using multiple sources of information for establishing the identity has been widely recognized, computational models for multimodal biometrics recognition have only recently received attention. We propose a multimodal sparse representation method, which represents the test data by a sparse linear combination of training data, while constraining the observations from different modalities of the test subject to share their sparse representations. Thus, we simultaneously take into account correlations as well as coupling information among biometric modalities. A multimodal quality measure is also proposed to weigh each modality as it gets fused. Furthermore, we also kernelize the algorithm to handle nonlinearity in data. The optimization problem is solved using an efficient alternative direction method. Various experiments show that the proposed method compares favorably with competing fusion-based methods.

Recent advanced technology enables the telecare medicine information system (TMIS) for the patients to gain the health monitoring facility at home and also to access medical services over the Internet of mobile networks. Several remote user authentication schemes have been proposed in the literature for TMIS. However, most of them are either insecure against various known attacks or they are inefficient. Recently, Tan proposed an efficient user anonymity preserving three-factor authentication scheme for TMIS. In this paper, we show that though Tan's scheme is efficient, it has several security drawbacks such as (1) it fails to provide proper authentication during the login phase, (2) it fails to provide correct updation of password and biometric of a user during the password and biometric update phase, and (3) it fails to protect against replay attack. In addition, Tan's scheme lacks the formal security analysis and verification. Later, Arshad and Nikooghadam also pointed out some security flaws in Tan's scheme and then presented an improvement on Tan's s scheme. However, we show that Arshad and Nikooghadam's scheme is still insecure against the privileged-insider attack through the stolen smart-card attack, and it also lacks the formal security analysis and verification. In order to withstand those security loopholes found in both Tan's scheme, and Arshad and Nikooghadam's scheme, we aim to propose an effective and more secure three-factor remote user authentication scheme for TMIS. Our scheme provides the user anonymity property. Through the rigorous informal and formal security analysis using random oracle models and the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is secure against various known attacks, including the replay and man-in-the-middle attacks. Furthermore, our scheme is also efficient as compared to other related schemes.

Biometric identification systems use given parameters and function on the basis of Colored Petri Nets as a modelling language developed for systems in which communication, synchronization and distributed resources play an important role. Colored Petri Nets combine the strengths of Classical Petri Nets with the power of a high-level programming language. Coloured Petri Nets have both, formal intuitive and graphical presentations. Graphical CPN model consists of a set of interacting modules which include a network of places, transitions and arcs. Mathematical representation has a well-defined syntax and semantics, as well as defines system behavioural properties. One of the best known features used in biometric is the human finger print pattern. During the last decade other human features have become of interest, such as iris-based or face recognition. The objective of this paper is to introduce the fundamental concepts of Petri Nets in relation to tooth shape analysis. Biometric identification systems functioning has two phases: data enrollment phase and identification phase. During the data enrollment phase images of teeth are added to database. This record contains enrollment data as a noisy version of the biometrical data corresponding to the individual. During the identification phase an unknown individual is observed again and is compared to the enrollment data in the database and then system estimates the individual. The purpose of modeling biometric identification system by means of Petri Nets is to reveal the following aspects of the functioning model: the efficiency of the model, behavior of the model, mistakes and accidents in the model, feasibility of the model simplification or substitution of its separate components for more effective components without interfering system functioning. The results of biometric identification system modeling and evaluating are presented and discussed.

A secure system for authenticating the identity of ADS-B systems, including: an authenticator, including a unique id generator and a transmitter transmitting the unique id to one or more ADS-B transmitters; one or more ADS-B transmitters, including a receiver receiving the unique id, one or more secure processing stages merging the unique id with the ADS-B transmitter's identification, data and secret key and generating a secure code identification and a transmitter transmitting a response containing the secure code and ADSB transmitter's data to the authenticator; the authenticator including means for independently determining each ADS-B transmitter's secret key, a receiver receiving each ADS-B transmitter's response, one or more secure processing stages merging the unique id, ADS-B transmitter's identification and data and generating a secure code, and comparison processing comparing the authenticator-generated secure code and the ADS-B transmitter-generated secure code and providing an authentication signal based on the comparison result.

Smart environments established by the development of mobile technology have brought vast benefits to human being. However, authentication mechanisms on portable smart devices, particularly conventional biometric based approaches, still remain security and privacy concerns. These traditional systems are mostly based on pattern recognition and machine learning algorithms, wherein original biometric templates or extracted features are stored under unconcealed form for performing matching with a new biometric sample in the authentication phase. In this paper, we propose a novel gait based authentication using biometric cryptosystem to enhance the system security and user privacy on the smart phone. Extracted gait features are merely used to biometrically encrypt a cryptographic key which is acted as the authentication factor. Gait signals are acquired by using an inertial sensor named accelerometer in the mobile device and error correcting codes are adopted to deal with the natural variation of gait measurements. We evaluate our proposed system on a dataset consisting of gait samples of 34 volunteers. We achieved the lowest false acceptance rate (FAR) and false rejection rate (FRR) of 3.92% and 11.76%, respectively, in terms of key length of 50 bits.

Full Text Available Smart environments established by the development of mobile technology have brought vast benefits to human being. However, authentication mechanisms on portable smart devices, particularly conventional biometric based approaches, still remain security and privacy concerns. These traditional systems are mostly based on pattern recognition and machine learning algorithms, wherein original biometric templates or extracted features are stored under unconcealed form for performing matching with a new biometric sample in the authentication phase. In this paper, we propose a novel gait based authentication using biometric cryptosystem to enhance the system security and user privacy on the smart phone. Extracted gait features are merely used to biometrically encrypt a cryptographic key which is acted as the authentication factor. Gait signals are acquired by using an inertial sensor named accelerometer in the mobile device and error correcting codes are adopted to deal with the natural variation of gait measurements. We evaluate our proposed system on a dataset consisting of gait samples of 34 volunteers. We achieved the lowest false acceptance rate (FAR and false rejection rate (FRR of 3.92% and 11.76%, respectively, in terms of key length of 50 bits.

The thesis deals with biometrics and biometricsystems and the possibility to use these systems in the enterprise. Aim of this study is an analysis and description of selected types of biometric identification methods and their advantages and shortcomings. The work is divided into two parts. The first part is theoretical, describes the basic concepts of biometrics, biometric identification criteria, currently used identification systems, the ways of biometricsystems use, performance measurem...

Full Text Available Today, digitalization decisively penetrates all the sides of the modern society. One of the key enablers to maintain this process secure is authentication. It covers many different areas of a hyper-connected world, including online payments, communications, access right management, etc. This work sheds light on the evolution of authenticationsystems towards Multi-Factor Authentication (MFA starting from Single-Factor Authentication (SFA and through Two-Factor Authentication (2FA. Particularly, MFA is expected to be utilized for human-to-everything interactions by enabling fast, user-friendly, and reliable authentication when accessing a service. This paper surveys the already available and emerging sensors (factor providers that allow for authenticating a user with the system directly or by involving the cloud. The corresponding challenges from the user as well as the service provider perspective are also reviewed. The MFA system based on reversed Lagrange polynomial within Shamir’s Secret Sharing (SSS scheme is further proposed to enable more flexible authentication. This solution covers the cases of authenticating the user even if some of the factors are mismatched or absent. Our framework allows for qualifying the missing factors by authenticating the user without disclosing sensitive biometric data to the verification entity. Finally, a vision of the future trends in MFA is discussed.

Smart card systems are most cost efficient when implemented as a distributed system, which is a system without central host interaction or a local database of card numbers for verifying transaction approval. A distributed system, as such, presents special card and user authentication problems. Fortunately, smart cards offer processing capabilities that provide solutions to authentication problems, provided the system is designed with proper data integrity measures. Smart card systems maintain data integrity through a security design that controls data sources and limits data changes. A good security design is usually a result of a system analysis that provides a thorough understanding of the application needs. Once designers understand the application, they may specify authentication techniques that mitigate the risk of system compromise or failure. Current authentication techniques include cryptography, passwords, challenge/response protocols, and biometrics. The security design includes these techniques to help prevent counterfeit cards, unauthorized use, or information compromise. This paper discusses card authentication and user identity techniques that enhance security for microprocessor card systems. It also describes the analysis process used for determining proper authentication techniques for a system

The AuthenticationSystem Sub Group of J-PARC Information System Group completed the mapping of the several authentication methods in terms of the level of security. Of the methods, the PKI authentication method with IC card provides the Super High Security Level and will be adopted as the authentication method of several J-PARC Information Systems. We study the feasibility of this method with following four examples; (1) 'The EAP-TLS wireless LAN authentication method'. (2) 'The Web-SSL client authentication method in SSL-VPN connection'. (3) 'The PKI authentication method with a certificate issued by NAREGI-CA software stored in IC card.' (4) 'The PKI authentication method with Dual interface FeliCa card'. In each example, we confirmed the feasibility of the method in a practical way. In this report we present the details of the study. (author)

Full Text Available A biometric recognition system is one of the leading candidates for the current and the next generation of smart visual systems. The visual system is the engine of the surveillance cameras that have great importance for intelligence and security purposes. These surveillance devices can be a target of adversaries for accomplishing various malicious scenarios such as disabling the camera in critical times or the lack of recognition of a criminal. In this work, we propose a cross-layer biometric recognition system that has small computational complexity and is suitable for mobile Internet of Things (IoT devices. Furthermore, due to the involvement of both hardware and software in realizing this system in a decussate and chaining structure, it is easier to locate and provide alternative paths for the system flow in the case of an attack. For security analysis of this system, one of the elements of this system named the advanced encryption standard (AES is infected by four different Hardware Trojansthat target different parts of this module. The purpose of these Trojans is to sabotage the biometric data that are under process by the biometric recognition system. All of the software and the hardware modules of this system are implemented using MATLAB and Verilog HDL, respectively. According to the performance evaluation results, the system shows an acceptable performance in recognizing healthy biometric data. It is able to detect the infected data, as well. With respect to its hardware results, the system may not contribute significantly to the hardware design parameters of a surveillance camera considering all the hardware elements within the device.

Systems and methods for remote, long standoff biometric identification using microwave cardiac signals are provided. In one embodiment, the invention relates to a method for remote biometric identification using microwave cardiac signals, the method including generating and directing first microwave energy in a direction of a person, receiving microwave energy reflected from the person, the reflected microwave energy indicative of cardiac characteristics of the person, segmenting a signal indicative of the reflected microwave energy into a waveform including a plurality of heart beats, identifying patterns in the microwave heart beats waveform, and identifying the person based on the identified patterns and a stored microwave heart beats waveform.

This paper recommend a biometric color images hiding approach An Watermarking System based on Discrete Cosine Transform (DCT), which is used to protect the security and integrity of transmitted biometric color images. Watermarking is a very important hiding information (audio, video, color image, gray image) technique. It is commonly used on digital objects together with the developing technology in the last few years. One of the common methods used for hiding information on image files is DCT method which used in the frequency domain. In this study, DCT methods in order to embed watermark data into face images, without corrupting their features.

This book focuses on use of voice as a biometric measure for personal authentication. In particular, "Speaker Recognition" covers two approaches in speaker authentication: speaker verification (SV) and verbal information verification (VIV). The SV approach attempts to verify a speaker’s identity based on his/her voice characteristics while the VIV approach validates a speaker’s identity through verification of the content of his/her utterance(s). SV and VIV can be combined for new applications. This is still a new research topic with significant potential applications. The book provides with a broad overview of the recent advances in speaker authentication while giving enough attention to advanced and useful algorithms and techniques. It also provides a step by step introduction to the current state of the speaker authentication technology, from the fundamental concepts to advanced algorithms. We will also present major design methodologies and share our experience in developing real and successful speake...

E-Healthcare is an emerging field that provides mobility to its users. The protected health information of the users are stored at a remote server (Telecare Medical Information System) and can be accessed by the users at anytime. Many authentication protocols have been proposed to ensure the secure authenticated access to the Telecare Medical Information System. These protocols are designed to provide certain properties such as: anonymity, untraceability, unlinkability, privacy, confidentiality, availability and integrity. They also aim to build a key exchange mechanism, which provides security against some attacks such as: identity theft, password guessing, denial of service, impersonation and insider attacks. This paper reviews these proposed authentication protocols and discusses their strengths and weaknesses in terms of ensured security and privacy properties, and computation cost. The schemes are divided in three broad categories of one-factor, two-factor and three-factor authentication schemes. Inter-category and intra-category comparison has been performed for these schemes and based on the derived results we propose future directions and recommendations that can be very helpful to the researchers who work on the design and implementation of authentication protocols.

Full Text Available This paper presents a text independent speaker authentication method adapted to mobile devices. Special attention was placed on delivering a fully operational application, which admits a sufficient reliability level and an efficient functioning. To this end, we have excluded the need for any network communication. Hence, we opted for the completion of both the training and the identification processes directly on the mobile device through the extraction of linear prediction cepstral coefficients and the naive Bayes algorithm as the classifier. Furthermore, the authentication decision is enhanced to overcome misidentification through access privileges that the user should attribute to each application beforehand. To evaluate the proposed authenticationsystem, eleven participants were involved in the experiment, conducted in quiet and noisy environments. Public speech corpora were also employed to compare this implementation to existing methods. Results were efficient regarding mobile resources’ consumption. The overall classification performance obtained was accurate with a small number of samples. Then, it appeared that our authenticationsystem might be used as a first security layer, but also as part of a multilayer authentication, or as a fall-back mechanism.

Full Text Available Biometricsystems play an important role in digital investigation process as a important factor of authentication and verification applications, since they are strongly linked to the holder of a biometric traits and possible suspect. Thus it is important that biometricsystems can be designed to withstand attacks when employed in security-critical applications, especially in unattended remote applications such as energy plants, access to borders at airports, ecommerce etc. Biometric recognition either raises important legal issues of remediation, authority, and reliability, and, of course, privacy. The standard assumptions of the technologists who design new techniques, capabilities, and systems are very different from those embedded in the legal system. Legal precedent on the use of biometric technology is growing, with some key cases going back decades and other more recent cases having raised serious questions about the admissibility of biometric evidence in court. In this paper authors is about to explain influence of reliability of biometricsystem on general acceptance of digital evidence in Court of Justice process. Through paper authors are also about to propose vulnerability assessment of biometricsystem as improvementfactor of reliability of existing methodology for preserving chain of custody of digital evidence called DEMF (Digital Evidence Management Framework. Improvement proposal is presented as an introduction of phase of biometric vulnerability evaluation methodology within proposedframework called APDEMF (Admissibility procedure of DEMF. Using UML (Universal Modeling Language modeling methodology authors are about to represent a APDEMF framework which will describe essential phases of the same process.

Inability to uniquely identify clients impedes access to services and contributes to inefficiencies. Using a pocket-sized fingerprint scanner that wirelessly syncs with a health worker's smartphone, the SimPrints biometricsystem can link individuals' fingerprints to their health records. A pilot in Bangladesh will assess its potential.

In this paper we consider secret generation in biometric identification systems with protected templates. This problem is closely related to the study of the bio metric identification capacity [Willems et al., 2003] and [O’Sullivan and Sclmmid, 2002] and the common randomness generation scheme

Recently, there has been a growing interest in the use of brain activity for biometricsystems. However, so far these studies have focused mainly on basic features of the Electroencephalography. In this study we propose an approach based on phase synchronization, to investigate personal distinctive

Offering the first comprehensive analysis of touchless fingerprint-recognition technologies, Touchless Fingerprint Biometrics gives an overview of the state of the art and describes relevant industrial applications. It also presents new techniques to efficiently and effectively implement advanced solutions based on touchless fingerprinting.The most accurate current biometric technologies in touch-based fingerprint-recognition systems require a relatively high level of user cooperation to acquire samples of the concerned biometric trait. With the potential for reduced constraints, reduced hardw

Personal identification and authentication is very crucial in the current scenario. Biometrics plays an important role in this area. Biometric based authentication has proved superior compared to traditional password based authentication. Anyhow biometrics is permanent feature of a person and cannot be reissued when compromised as passwords. To over come this problem, instead of storing the original biometric templates transformed templates can be stored. Whenever the transformation function ...

Full Text Available The performance of unimodal biometricsystems (based on a single modality such as face or fingerprint has to contend with various problems, such as illumination variation, skin condition and environmental conditions, and device variations. Therefore, multimodal biometricsystems have been used to overcome the limitations of unimodal biometrics and provide high accuracy recognition. In this paper, we propose a new multimodal biometricsystem based on score level fusion of face and both irises' recognition. Our study has the following novel features. First, the device proposed acquires images of the face and both irises simultaneously. The proposed device consists of a face camera, two iris cameras, near-infrared illuminators and cold mirrors. Second, fast and accurate iris detection is based on two circular edge detections, which are accomplished in the iris image on the basis of the size of the iris detected in the face image. Third, the combined accuracy is enhanced by combining each score for the face and both irises using a support vector machine. The experimental results show that the equal error rate for the proposed method is 0.131%, which is lower than that of face or iris recognition and other fusion methods.

Patient can obtain sorts of health-care delivery services via Telecare Medical Information Systems (TMIS). Authentication, security, patient's privacy protection and data confidentiality are important for patient or doctor accessing to Electronic Medical Records (EMR). In 2012, Chen et al. showed that Khan et al.'s dynamic ID-based authentication scheme has some weaknesses and proposed an improved scheme, and they claimed that their scheme is more suitable for TMIS. However, we show that Chen et al.'s scheme also has some weaknesses. In particular, Chen et al.'s scheme does not provide user's privacy protection and perfect forward secrecy, is vulnerable to off-line password guessing attack and impersonation attack once user's smart card is compromised. Further, we propose a secure anonymity authentication scheme to overcome their weaknesses even an adversary can know all information stored in smart card.

. This paper asks if and how biometric techniques are the basis of a re-structuring of management of migration and mobility: Is the suggestion of biometric identifiers reflecting the withdrawal from the principle of rights applied to human beings as an abstract of the universal individual all being equal......, to the (re)introduction the concept of rights being engraved in your body, depended first and foremost on one’s birth, kinship and geography ? The paper will discuss biometric technology in a historical context and explore the apparent biometric divide between citizens and migrants, the latter positioned......Biometric identifiers (finger prints, face scans, iris scans etc.) have increasingly become a key element in technology of EU border and migration management. SIS II, EURODAC and VIS are centralized systems that contain fingerprints of different groups of non-EU citizen, and the biometric...

The ethics and morals make the line between lawful to unlawful, the right and wrong, acceptable from the unacceptable. Furthermore the purpose of ethics in the field of profesional practice is, in particular the application of moral standards based on honesty, courtesy and honour. But they are not the only ones. Confidentiality should be the first of duties the professional has no right to disclose information that was only reported in their work and because it was necessary to run it. This requirement aims to protect the recipient of the service and avoid damage to society. The professional should also encourage members of his team, because solidarity is a very effective way to improve the intellectual and moral qualities of work partners and ensure their involvement. When you have an honest professional conduct within and outside of professional practice, you attract confidence and prestige, which is an incentive to drive, with safety, the proper course of his career. The purpose of the biometric control based on the need to expedite the fulfilment of a goal whose integration is recognized by law under the control of the employer's: the setting of working hours, monitoring the attendance and registration of working time. This record is also the accounting and control of additional work. To consider the biometric control as an appropriate mean to ensure a «legitimate purpose», the Law 67/98 requires the National Commission for Data Protection, in each case, to ascertain whether the prevailing interests the rights and freedoms guarantees data subjects on the interest for the treatment of data relied upon by the employer. This procedure seems to be the best fit to the principle of proportionality and therefore the processing of data should be refused where it appears unjustified, inappropriate and excessive, or when, by their lack of reliability, it undermines the purpose of determining it.

... INTERNATIONAL TRADE COMMISSION [Investigation No. 337-TA-697] In the Matter of Certain AuthenticationSystems, Including Software and Handheld Electronic Devices; Notice of Commission Decision Not to... importation of certain authenticationsystems, including software and handheld electronic devices, by reason...

Currently, graphical password methods are available for android and other devices, but the major problem is vulnerability issue. A map graphical-based authenticationsystem (Dheeraj et al, 2013) was designed on mobile android devices, but it did not provide a large choice or multiple sequence to user for selecting ...

Biometric are a powerful technology for identifying humans both locally and at a distance. In order to perform identification or verification biometricsystems capture an image of some biometric of a user or subject. The image is then converted mathematical to representation of the person call a template. Since we know that every human in the world is different each human will have different biometric images (different fingerprints, or faces, etc.). This is what makes biometrics useful for identification. However unlike a credit card number or a password to can be given to a person and later revoked if it is compromised and biometric is with the person for life. The problem then is to develop biometric templates witch can be easily revoked and reissued which are also unique to the user and can be easily used for identification and verification. In this paper we develop and present a method to generate a set of templates which are fully unique to the individual and also revocable. By using bases set compression algorithms in an n-dimensional orthogonal space we can represent a give biometric image in an infinite number of equally valued and unique ways. The verification and biometric matching system would be presented with a given template and revocation code. The code will then representing where in the sequence of n-dimensional vectors to start the recognition.

To protect patient privacy and ensure authorized access to remote medical services, many remote user authentication schemes for the integrated electronic patient record (EPR) information system have been proposed in the literature. In a recent paper, Das proposed a hash based remote user authentication scheme using passwords and smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various passive and active attacks. However, in this paper, we found that Das's authentication scheme is still vulnerable to modification and user duplication attacks. Thereafter we propose a secure and efficient authentication scheme for the integrated EPR information system based on lightweight hash function and bitwise exclusive-or (XOR) operations. The security proof and performance analysis show our new scheme is well-suited to adoption in remote medical healthcare services.

Most arms-control-treaty-monitoring scenarios involve a host party that makes a declaration regarding its nuclear material or items and a monitoring party that verifies that declaration. A verification system developed for such a use needs to be trusted by both parties. The first concern, primarily from the host party's point of view, is that any sensitive information that is collected must be protected without interfering in the efficient operation of the facility being monitored. This concern is addressed in what can be termed a 'certification' process. The second concern, of particular interest to the monitoring party, is that it must be possible to confirm the veracity of both the measurement system and the data produced by this measurement system. The monitoring party addresses these issues during an 'authentication' process. Addressing either one of these concerns independently is relatively straightforward. However, it is more difficult to simultaneously satisfy host party certification concerns and monitoring party authentication concerns. Typically, both parties will want the final access to the measurement system. We will describe an alternative approach that allows both parties to gain confidence simultaneously. This approach starts with (1) joint development of the measurement system followed by (2) host certification of several copies of the system and (3) random selection by the inspecting party of one copy to be use during the monitoring visit and one (or more) copy(s) to be returned to the inspecting party's facilities for (4) further hardware authentication; any remaining copies are stored under joint seal for use as spares. Following this process, the parties will jointly (5) perform functional testing on the selected measurement system and then (6) use this system during the monitoring visit. Steps (1) and (2) assure the host party as to the certification of whichever system is eventually used in the monitoring visit. Steps (1), (3), (4), and (5

Fuzzy extractors allow cryptographic keys to be generated from noisy, non-uniform biometric data. Fuzzy extractors can be used to authenticate a user to a server without storing her biometric data directly. However, in the Information Theoretic sense fuzzy extractors will leak information about the

This paper focuses on authentication with three types of entities: a user who sends an authentication request, an authentication-server who receives and verifies the request, and a database who supplies the authentication-server with information for verifying the request. This paper presents novel authentication protocols that satisfy the following important properties: (1) secure against replay attacks, (2) the database(s) cannot identify which user is authenticating and (3) the authenticati...

... INTERNATIONAL TRADE COMMISSION [Inv. No. 337-TA-697] In the Matter of: Certain Authentication... the sale within the United States after importation of certain authenticationsystems, including... importation, or the sale within the United States after importation of authenticationsystems, including...

Full Text Available With the exponential increase in the dependence on mobile devices in everyday life, there is a growing concern related to privacy and security issues in the Gulf countries; therefore, it is imperative that security threats should be analyzed in detail. Mobile devices store enormous amounts of personal and financial information, unfortunately without any security. In order to secure mobile devices against different threats, biometrics has been applied and shown to be effective. However, biometric mobile applications are also vulnerable to several types of attacks that can decrease their security. Biometric information itself is considered sensitive data; for example, fingerprints can leave traces in touched objects and facial images can be captured everywhere or accessed by the attacker if the facial image is stored in the mobile device (lost or stolen. Hence, an attacker can easily forge the identity of a legitimate user and access data on a device. In this paper, the effects of a trace attack on the sensitivity of biometric mobile applications are investigated in terms of security and user privacy. Experimental results carried out on facial and fingerprint mobile authentication applications using different databases have shown that these mobile applications are vulnerable to the proposed attack, which poses a serious threat to the overall system security and user privacy.

Full Text Available Biometricsystems based on uni-modal traits are characterized by noisy sensor data, restricted degrees of freedom, non-universality and are susceptible to spoof attacks. Multi-modal biometricsystems seek to alleviate some of these drawbacks by providing multiple evidences of the same identity. In this paper, a user-score-based weighting technique for integrating the iris and signature traits is presented. This user-specific weighting technique has proved to be an efficient and effective fusion scheme which increases the authentication accuracy rate of multi-modal biometricsystems. The weights are used to indicate the importance of matching scores output by each biometrics trait. The experimental results show that our biometricsystem based on the integration of iris and signature traits achieve a false rejection rate (FRR of 0.08% and a false acceptance rate (FAR of 0.01%.

The implementation of the e-voting becomes more substantial with the rapid increase of e-government development. The recent growth in communications and cryptographic techniques facilitate the implementation of e-voting. Many countries introduced e-voting systems; unfortunately most of these systems are not fully functional. In this paper we will present an e-voting scheme that covers most of the e-voting requirements, smart card and biometric recognition technology were implemented to guarantee voter's privacy and authentication.

Adoption of compression technology is often required for wireless cardiovascular monitoring, due to the enormous size of Electrocardiography (ECG) signal and limited bandwidth of Internet. However, compressed ECG must be decompressed before performing human identification using present research on ECG based biometric techniques. This additional step of decompression creates a significant processing delay for identification task. This becomes an obvious burden on a system, if this needs to be done for a trillion of compressed ECG per hour by the hospital. Even though the hospital might be able to come up with an expensive infrastructure to tame the exuberant processing, for small intermediate nodes in a multihop network identification preceded by decompression is confronting. In this paper, we report a technique by which a person can be identified directly from his / her compressed ECG. This technique completely obviates the step of decompression and therefore upholds biometric identification less intimidating for the smaller nodes in a multihop network. The biometric template created by this new technique is lower in size compared to the existing ECG based biometrics as well as other forms of biometrics like face, finger, retina etc. (up to 8302 times lower than face template and 9 times lower than existing ECG based biometric template). Lower size of the template substantially reduces the one-to-many matching time for biometric recognition, resulting in a faster biometricauthentication mechanism.

Sandia National Laboratories (SNL) is in the final stages of developing a Universal Authenticated Item Monitoring System (AIMS). When completed, AIMS will provide applicable agencies in the US government, and those in the International arena, with a secure and convenient method of monitoring the physical status of selected items. The benefit derived from this development activity will be the commercial availability of an item monitoring system with the capability for ''quick set-up'' monitoring, as well as long-term unattended monitoring. The AIMS includes a variety of sensors, a robust and authenticated radio frequency (RF) communication link, a Receiver Processing Unit (RPU), and an inspector-friendly personal computer (PC) interface for collecting, sorting, viewing and archiving pertinent event histories. The system will provide the capability to monitor selected items in a real-time mode, a remotely interrogated mode, and a stand-alone, unattended data collection mode. The sensor suite under development includes advanced motion sensors, interior volumetric intrusion sensors, Re-usable, In-situ Verifiable Authenticated (RIVA) fiber-optic seal sensors, generic utility sensors (to accommodate contact closure inputs), and radiation and environmental sensors. A new generation authentication algorithm recently has been developed that provides a high degree of system security 121. The AIMS has potential safeguards applications in the areas of arms control and treaty verification military asset control, International Atomic Energy Agency (IAEA) and Euratom safeguards verification activities, as well as domestic nuclear safeguard activities. Commercial applications could include high-value inventory control and security systems. This paper describes the second-generation AIMS along with its recently expanded sensor suite and enhanced data collection capabilities

The paper presents a mechanism permitting a type manager to fabricate a migrated object representation which can be entrusted to other subsystems or transmitted outside of the control of a local computer system. The migrated object representation is signed by the type manager in such a way that the type manager's signature cannot be forged and the manager is able to authenticate its own signature. Subsequently, the type manager can retrieve the migrated representation and validate its contents before reconstructing the object in its original representation. This facility allows type managers to authenticate the contents of off-line or network storage and solves problems stemming from the hierarchical structure of the system itself.

A hand biometricauthentication method based on measurements of the user's hand geometry and vascular pattern is proposed. To acquire the hand geometry, the thickness of the side view of the hand, the K-curvature with a hand-shaped chain code, the lengths and angles of the finger valleys, and the lengths and profiles of the fingers were used, and for the vascular pattern, the direction-based vascular-pattern extraction method was used, and thus, a new multimodal biometric approach is proposed. The proposed multimodal biometricsystem uses only one image to extract the feature points. This system can be configured for low-cost devices. Our multimodal biometric-approach hand-geometry (the side view of the hand and the back of hand) and vascular-pattern recognition method performs at the score level. The results of our study showed that the equal error rate of the proposed system was 0.06%. PMID:23449119

A hand biometricauthentication method based on measurements of the user's hand geometry and vascular pattern is proposed. To acquire the hand geometry, the thickness of the side view of the hand, the K-curvature with a hand-shaped chain code, the lengths and angles of the finger valleys, and the lengths and profiles of the fingers were used, and for the vascular pattern, the direction-based vascular-pattern extraction method was used, and thus, a new multimodal biometric approach is proposed. The proposed multimodal biometricsystem uses only one image to extract the feature points. This system can be configured for low-cost devices. Our multimodal biometric-approach hand-geometry (the side view of the hand and the back of hand) and vascular-pattern recognition method performs at the score level. The results of our study showed that the equal error rate of the proposed system was 0.06%.

A method and system for authentication is provided. A central node for issuing certificates to a plurality of nodes associated with the central node in a network is also provided. The central node receives a first key from at least one node from among the plurality of nodes and generates a second key based on the received first key and generates a certificate for the at least one node. The generated certificate is transmitted to the at least one node.

Full Text Available Method of human biometric identification by iris of the eye is considered as one of the most accurate and reliable methods of identification. Aim of the research is to solve the problem of edge detection of digital image of the human eye iris to be able to implement human biometric identification system by means of mobile device. To achieve this aim the algorithm of edge detection by Canny is considered in work. It consists of the following steps: smoothing, finding gradients, non-maximum suppression, double thresholding with hysteresis. The software implementation of the Canny algorithm is carried out for the Android mobile platform with the use of high level programming language Java.

Full Text Available An object-based video authenticationsystem, which combines watermarking, error correction coding (ECC, and digital signature techniques, is presented for protecting the authenticity between video objects and their associated backgrounds. In this system, a set of angular radial transformation (ART coefficients is selected as the feature to represent the video object and the background, respectively. ECC and cryptographic hashing are applied to those selected coefficients to generate the robust authentication watermark. This content-based, semifragile watermark is then embedded into the objects frame by frame before MPEG4 coding. In watermark embedding and extraction, groups of discrete Fourier transform (DFT coefficients are randomly selected, and their energy relationships are employed to hide and extract the watermark. The experimental results demonstrate that our system is robust to MPEG4 compression, object segmentation errors, and some common object-based video processing such as object translation, rotation, and scaling while securely preventing malicious object modifications. The proposed solution can be further incorporated into public key infrastructure (PKI.

PAPI is a system for providing access control to restricted information resources across the Internet. It intends to keep authentication as an issue local to the organization the user belongs to, while leaving information providers full control over the resources they offer. The authentication mechanisms are designed to be as flexible as possible, allowing each organization to use its own authentication schema, keeping user privacy, and offering information providers data enough for statistics. Moreover, access control mechanisms are transparent to the user and compatible: with the most commonly employed Web browsers (i.e., Netscape/MSIE/Mozilla/Lynx), with any HTTP based java application solution, and any operating system. This solution is being successfully used in different research organizations in Spain and Europe as a control access system to restricted resources in a transparent and single sign-on way. It is allowing mobile and external users to access to resources that are internal to organizations, contributing to remote participations in results of experiments and inter-institutional resource collaboration

PAPI is a system for providing access control to restricted information resources across the Internet. It intends to keep authentication as an issue local to the organization the user belongs to, while leaving information providers full control over the resources they offer. The authentication mechanisms are designed to be as flexible as possible, allowing each organization to use its own authentication schema, keeping user privacy, and offering information providers data enough for statistics. Moreover, access control mechanisms are transparent to the user and compatible: with the most commonly employed Web browsers (i.e., Netscape/MSIE/Mozilla/Lynx), with any HTTP based java application solution, and any operating system. This solution is being successfully used in different research organizations in Spain and Europe as a control access system to restricted resources in a transparent and single sign-on way. It is allowing mobile and external users to access to resources that are internal to organizations, contributing to remote participations in results of experiments and inter-institutional resource collaboration.

Biometric technology has been widely acknowledged as an effective means for enhancing private and public security through applications in physical access control, computer and computer network access control, medical records protection, banking security, public identification programs, and others. Nearly all of these applications involve use of a biometric token to control access to a physical entity or private information. There are also unique benefits to be derived from attaching a biometric template to a physical entity such as a document, package, laboratory sample, etc. Such an association allows fast, reliable, and highly accurate association of an individual person's identity to the physical entity, and can be used to enhance security, convenience, and privacy in many types of transactions. Examples include authentication of documents, tracking of laboratory samples in a testing environment, monitoring the movement of physical evidence within the criminal justice system, and authenticating the identity of both sending and receiving parties in shipment of high value parcels. A system is described which combines a biometric technology based on iris recognition with a printing and scanning technology for high-density bar codes.

Human recognition is required for certain ... automated systems is that some can be stolen, passwords and PIN ... WORKS. A biometricsystem can be viewed as a simple diagram in figure 1. ... Feature extraction is done with the help of some.

Full Text Available Multibiometric systems are expected to be more reliable than unimodal biometricsystems for personal identification due to the presence of multiple, fairly independent pieces of evidence e.g. Unique Identification Project "Aadhaar" of Government of India. In this paper, we present a novel wavelet based technique to perform fusion at the feature level and score level by considering two biometric modalities, face and fingerprint. The results indicate that the proposed technique can lead to substantial improvement in multimodal matching performance. The proposed technique is simple because of no preprocessing of raw biometric traits as well as no feature and score normalization.

Most arms-control-treaty-monitoring scenarios involve a host party that makes a declaration regarding its nuclear material or items and a monitoring party that verifies that declaration. A verification system developed for such a use needs to be trusted by both parties. The first concern, primarily from the host party's point of view, is that any sensitive information that is collected must be protected without interfering in the efficient operation of the facility being monitored. This concern is addressed in what can be termed a 'certification' process. The second concern, of particular interest to the monitoring party, is that it must be possible to confirm the veracity of both the measurement system and the data produced by this measurement system. The monitoring party addresses these issues during an 'authentication' process. Addressing either one of these concerns independently is relatively straightforward. However, it is more difficult to simultaneously satisfy host party certification concerns and monitoring party authentication concerns. Typically, both parties will want the final access to the measurement system. We will describe an alternative approach that allows both parties to gain confidence simultaneously. This approach starts with (1) joint development of the measurement system followed by (2) host certification of several copies of the system and (3) random selection by the inspecting party of one copy to be use during the monitoring visit and one (or more) copy(s) to be returned to the inspecting party's facilities for (4) further hardware authentication; any remaining copies are stored under joint seal for use as spares. Following this process, the parties will jointly (5) perform functional testing on the selected measurement system and then (6) use this system during the monitoring visit. Steps (1) and (2) assure the host party as to the certification of whichever system is eventually used in the monitoring visit

Identity is important when it is weak. This apparent paradox is the core of the current debate on identity. Traditionally, verification of identity has been based upon authentication of attributed and biographical characteristics. After small scale societies and large scale, industrial societies, globalization represents the third period of personal identification. The human body lies at the heart of all strategies for identity management. The tension between human body and personal identity is critical in the health care sector. The health care sector is second only to the financial sector in term of the number of biometric users. Many hospitals and healthcare organizations are in progress to deploy biometric security architecture. Secure identification is critical in the health care system, both to control logic access to centralized archives of digitized patients' data, and to limit physical access to buildings and hospital wards, and to authenticate medical and social support personnel. There is also an increasing need to identify patients with a high degree of certainty. Finally there is the risk that biometricauthentication devices can significantly reveal any health information. All these issues require a careful ethical and political scrutiny.

Full Text Available A novel hybrid design based electronic voting system is proposed, implemented and analyzed. The proposed system uses two voter verification techniques to give better results in comparison to single identification based systems. Finger print and facial recognition based methods are used for voter identification. Cross verification of a voter during an election process provides better accuracy than single parameter identification method. The facial recognition system uses Viola-Jones algorithm along with rectangular Haar feature selection method for detection and extraction of features to develop a biometric template and for feature extraction during the voting process. Cascaded machine learning based classifiers are used for comparing the features for identity verification using GPCA (Generalized Principle Component Analysis and K-NN (K-Nearest Neighbor. It is accomplished through comparing the Eigen-vectors of the extracted features with the biometric template pre-stored in the election regulatory body database. The results of the proposed system show that the proposed cascaded design based system performs better than the systems using other classifiers or separate schemes i.e. facial or finger print based schemes. The proposed system will be highly useful for real time applications due to the reason that it has 91% accuracy under nominal light in terms of facial recognition.

A novel hybrid design based electronic voting system is proposed, implemented and analyzed. The proposed system uses two voter verification techniques to give better results in comparison to single identification based systems. Finger print and facial recognition based methods are used for voter identification. Cross verification of a voter during an election process provides better accuracy than single parameter identification method. The facial recognition system uses Viola-Jones algorithm along with rectangular Haar feature selection method for detection and extraction of features to develop a biometric template and for feature extraction during the voting process. Cascaded machine learning based classifiers are used for comparing the features for identity verification using GPCA (Generalized Principle Component Analysis) and K-NN (K-Nearest Neighbor). It is accomplished through comparing the Eigen-vectors of the extracted features with the biometric template pre-stored in the election regulatory body database. The results of the proposed system show that the proposed cascaded design based system performs better than the systems using other classifiers or separate schemes i.e. facial or finger print based schemes. The proposed system will be highly useful for real time applications due to the reason that it has 91% accuracy under nominal light in terms of facial recognition. (author)

Full Text Available This paper is about the design, implementation, and deployment of a multi-modal biometricsystem to grant access to a company structure and to internal zones in the company itself. Face and iris have been chosen as biometric traits. Face is feasible for non-intrusive checking with a minimum cooperation from the subject, while iris supports very accurate recognition procedure at a higher grade of invasivity. The recognition of the face trait is based on the Local Binary Patterns histograms, and the Daughman’s method is implemented for the analysis of the iris data. The recognition process may require either the acquisition of the user’s face only or the serial acquisition of both the user’s face and iris, depending on the confidence level of the decision with respect to the set of security levels and requirements, stated in a formal way in the Service Level Agreement at a negotiation phase. The quality of the decision depends on the setting of proper different thresholds in the decision modules for the two biometric traits. Any time the quality of the decision is not good enough, the system activates proper rules, which ask for new acquisitions (and decisions, possibly with different threshold values, resulting in a system not with a fixed and predefined behaviour, but one which complies with the actual acquisition context. Rules are formalized as deduction rules and grouped together to represent “response behaviors” according to the previous analysis. Therefore, there are different possible working flows, since the actual response of the recognition process depends on the output of the decision making modules that compose the system. Finally, the deployment phase is described, together with the results from the testing, based on the AT&T Face Database and the UBIRIS database.

Biometricauthenticationsystems are becoming increasingly popular due to their potential usage in information security. However, digital biometric data (e.g. thumb impression) are themselves vulnerable to security attacks. There are various methods are available to secure biometric data. In biometric watermarking the data are embedded in an image container and are only retrieved if the secrete key is available. This container image is encrypted to have more security against the attack. As wireless devices are equipped with battery as their power supply, they have limited computational capabilities; therefore to reduce energy consumption we use the method of selective encryption of container image. The bit pull-up-based biometric watermarking scheme is based on amplitude modulation and bit priority which reduces the retrieval error rate to great extent. By using selective Encryption mechanism we expect more efficiency in time at the time of encryption as well as decryption. Significant reduction in error rate is expected to be achieved by the bit pull-up method.

An artificial pancreas (AP) computes the optimal insulin dose to be infused through an insulin pump in people with Type 1 Diabetes (T1D) based on information received from a continuous glucose monitoring (CGM) sensor. It has been recognized that exercise is a major challenge in the development of an AP system. The use of biometric physiological variables in an AP system may be beneficial for prevention of exercise-induced challenges and better glucose regulation. The goal of the present study is to find a correlation between biometric variables such as heart rate (HR), heat flux (HF), skin temperature (ST), near-body temperature (NBT), galvanic skin response (GSR), and energy expenditure (EE), 2D acceleration-mean of absolute difference (MAD) and changes in glucose concentrations during exercise via partial least squares (PLS) regression and variable importance in projection (VIP) in order to determine which variables would be most useful to include in a future artificial pancreas. PLS and VIP analyses were performed on data sets that included seven different types of exercises. Data were collected from 26 clinical experiments. Clinical results indicate ST to be the most consistently important (important for six out of seven tested exercises) variable over all different exercises tested. EE and HR are also found to be important variables over several types of exercise. We also found that the importance of GSR and NBT observed in our experiments might be related to stress and the effect of changes in environmental temperature on glucose concentrations. The use of the biometric measurements in an AP system may provide better control of glucose concentration. PMID:28272368

Full Text Available Biometric recognition (also known as biometrics refers to the automated recognition of individuals based on their biological or behavioral traits. Examples of biometric traits include fingerprint, palmprint, iris, and face. The brain is the most important and complex organ in the human body. Can it be used as a biometric trait? In this study, we analyze the uniqueness of the brain and try to use the brain for identity authentication. The proposed brain-based verification system operates in two stages: gray matter extraction and gray matter matching. A modified brain segmentation algorithm is implemented for extracting gray matter from an input brain image. Then, an alignment-based matching algorithm is developed for brain matching. Experimental results on two data sets show that the proposed brain recognition system meets the high accuracy requirement of identity authentication. Though currently the acquisition of the brain is still time consuming and expensive, brain images are highly unique and have the potential possibility for authentication in view of pattern recognition.

Dec 1, 2014 ... manage traffic cases is manual; information collected daily is written on paper and stored in ... The system is thus user friendly in the way it inserts, retrieves and updates user .... importance of discipline on the highway.

Throughout the last 40 years, the essence of automated identification of users has remained the same. In this article, a new class of biometrics is proposed that is founded on processing biosignals, as opposed to images. After a brief introduction on biometrics, biosignals are discussed, including

Disclosed herein are exemplary embodiments of imaging systems and methods of using such systems. In one exemplary embodiment, one or more direct images of the body of a clothed subject are received, and a motion signature is determined from the one or more images. In this embodiment, the one or more images show movement of the body of the subject over time, and the motion signature is associated with the movement of the subject's body. In certain implementations, the subject can be identified based at least in part on the motion signature. Imaging systems for performing any of the disclosed methods are also disclosed herein. Furthermore, the disclosed imaging, rendering, and analysis methods can be implemented, at least in part, as one or more computer-readable media comprising computer-executable instructions for causing a computer to perform the respective methods.

8 pages document + 5-slide presentation.-- Contributed to: 1st International Biometric Performance Conference (IBPC 2010, NIST, Gaithersburg, MD, US, Mar 1-5, 2010). Recently, biometrics is used in many security systems and these systems can be located in different environments. As many experts claim and previous works have demonstrated, environmental conditions influence biometric performance. Nevertheless, there is not a specific methodology for testing this influence at the moment...

Full Text Available The paper presents a rigorous analysis of iris biometric information for the synthesis of an optimized system for the extraction of a high quality cryptology key. Estimations of local entropy and mutual information were identified as segments of the iris most suitable for this purpose. In order to optimize parameters, corresponding wavelets were transformed, in order to obtain the highest possible entropy and mutual information lower in the transformation domain, which set frameworks for the synthesis of systems for the extraction of truly random sequences of iris biometrics, without compromising authentication properties. [Projekat Ministarstva nauke Republike Srbije, br. TR32054 i br. III44006

.... The ultimate goal of voice biometrics is to enable the use of voice as a password. Voice biometrics are "man-in-the-loop" systems in which system performance is significantly dependent on human performance...

A smart-card based authentication scheme for telecare medicine information systems enables patients, doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks. Zhu recently presented an improved authentication scheme in order to solve the weakness of the authentication scheme of Wei et al., where the off-line password guessing attacks cannot be resisted. This investigation indicates that the improved scheme of Zhu has some faults such that the authentication scheme cannot execute correctly and is vulnerable to the attack of parallel sessions. Additionally, an enhanced authentication scheme based on the scheme of Zhu is proposed. The enhanced scheme not only avoids the weakness in the original scheme, but also provides users' anonymity and authenticated key agreements for secure data communications.

Along at least twelve dimensions biometricsystems might vary. We need to exploit this variety to manoeuvre biometrics into place to be able to realise its social potential. Subsequently, two perspectives on biometrics are proposed revealing that biometrics will probably be ineffective in combating identity fraud, organised crime and terrorism: (1) the value chain perspective explains the first barrier: our strong preference for large scale biometricsystems for general compulsory use. These biometricsystems cause successful infringements to spread unnoticed. A biometricsystem will only function adequately if biometrics is indispensable for solving the dominant chain problem. Multi-chain use of biometrics takes it beyond the boundaries of good manageability. (2) the identity fraud perspective exposes the second barrier: our traditional approach to identity verification. We focus on identity documents, neglecting the person and the situation involved. Moreover, western legal cultures have made identity verification procedures known, transparent, uniform and predictable. Thus, we have developed a blind spot to identity fraud. Biometrics provides good potential to better checking persons, but will probably be used to enhance identity documents. Biometrics will only pay off if it confronts the identity fraudster with less predictable verification processes and more risks of his identity fraud being spotted. Standardised large scale applications of biometrics for general compulsory use without countervailing measures will probably produce the reverse. This contribution tentatively presents a few headlines for an overall biometrics strategy that could better resist identity fraud.

Abstract— Fingerprint-based user authentication is highly effective in networked services such as electronic payment, but conventional authentication solutions have problems in cost, usability and security. To resolve these problems, we propose a touch-less fingerprint authentication solution, in which a mobile device's built-in camera is used to capture fingerprint image, and then it is sent to the server to determine the identity of the user. We designed and implemented a prototype as an a...

Full Text Available Cloud computing is one of the rising technologies that takes set of connections users to the next level. Cloud is a technology where resources are paid as per usage rather than owned. One of the major challenges in this technology is Security. Biometricsystems provide the answer to ensure that the rendered services are accessed only by a legal user or an authorized user and no one else. Biometricsystems recognize users based on behavioral or physiological characteristics. The advantages of such systems over traditional validation methods such as passwords and IDs are well known and hence biometricsystems are progressively gaining ground in terms of usage. This paper brings about a new replica of a security system where in users have to offer multiple biometric finger prints during Enrollment for a service. These templates are stored at the cloud providers section. The users are authenticated based on these finger print designed templates which have to be provided in the order of arbitrary numbers or imaginary numbers that are generated every time continuously. Both finger prints templates and images are present and they provided every time duration are encrypted or modified for enhanced security.

This paper describes a limited access control system for nuclear facilities which makes use of the eye retinal identity verifier to control the passage of personnel into and out of one or a group of security controlled working areas. This access control system requires no keys, cards or credentials. The user simply enters his Personal Identification Number (PIN) and takes an eye reading to request passage. The PIN does not have to be kept secret. The system then relies on biometric identity verification of the user, along with other system information, to make the decision of whether or not to unlock the door. It also enforces multiple zones control with personnel tracking and the two-man-rule

By implementing a tracking and verification system, clinical facilities can effectively monitor workflow and heighten information security in today's growing demand towards digital imaging informatics. This paper presents the technical design and implementation experiences encountered during the development of a Location Tracking and Verification System (LTVS) for a clinical environment. LTVS integrates facial biometrics with wireless tracking so that administrators can manage and monitor patient and staff through a web-based application. Implementation challenges fall into three main areas: 1) Development and Integration, 2) Calibration and Optimization of Wi-Fi Tracking System, and 3) Clinical Implementation. An initial prototype LTVS has been implemented within USC's Healthcare Consultation Center II Outpatient Facility, which currently has a fully digital imaging department environment with integrated HIS/RIS/PACS/VR (Voice Recognition).

This paper proposes a multimodal biometric scheme for human authentication based on fusion of voice and face recognition. For voice recognition, three categories of features (statistical coefficients, cepstral coefficients and voice timbre) are used and compared. The voice identification modality is carried out using Gaussian Mixture Model (GMM). For face recognition, three recognition methods (Eigenface, Linear Discriminate Analysis (LDA), and Gabor filter) are used and compared. The combination of voice and face biometricssystems into a single multimodal biometricssystem is performed using features fusion and scores fusion. This study shows that the best results are obtained using all the features (cepstral coefficients, statistical coefficients and voice timbre features) for voice recognition, LDA face recognition method and scores fusion for the multimodal biometricssystem

Iris recognition and authentication has a major issue in its code generation and verification accuracy, in order to enhance the authentication process, a binary bit sequence of iris is generated, which contain several vital information that is used to calculate the Mean Energy and Maximum Energy that goes into the eye with an ...

Passengers with immigrant Visa's are a major concern to the International Airports due to the various fraud operations identified. To curb tampering of genuine Visa, the Visa's should contain human identification information. Biometric characteristic is a common and reliable way to authenticate the identity of an individual [1]. A Multimodal Biometric Human Identification System (MBHIS) that integrates iris code, DNA fingerprint, and the passport number on the Visa photograph using digital watermarking scheme is presented. Digital Watermarking technique is well suited for any system requiring high security [2]. Ophthalmologists [3], [4], [5] suggested that iris scan is an accurate and nonintrusive optical fingerprint. DNA sequence can be used as a genetic barcode [6], [7]. While issuing Visa at the US consulates, the DNA sequence isolated from saliva, the iris code and passport number shall be digitally watermarked in the Visa photograph. This information is also recorded in the 'immigrant database'. A 'forward watermarking phase' combines a 2-D DWT transformed digital photograph with the personal identification information. A 'detection phase' extracts the watermarked information from this VISA photograph at the port of entry, from which iris code can be used for identification and DNA biometric for authentication, if an anomaly arises.

Recent advances in sensor technology and wide spread use of various electronics (computers, PDA, mobile phones etc.) provide new opportunities for capturing and analyses of novel physiological and behavioural traits of human beings for biometricauthentication. This paper presents an overview of several such types of human characteristics that have been proposed as alternatives to traditional types of biometrics. We refer to these characteristics as emerging biometrics. We survey various types of emerging modalities and techniques, and discuss their pros and cons. Emerging biometrics faces several limitations and challenges which include subject population coverage (focusing mostly on adults); unavailability of benchmark databases; little research with respect to vulnerability/robustness against attacks; and some privacy concerns they may arise. In addition, recognition performance of emerging modalities are generally less accurate compared to the traditional biometrics. Despite all of these emerging biometrics posses their own benefits and advantages compared to traditional biometrics which makes them still attractive for research. First of all, emerging biometrics can always serve as a complementary source for identity information; they can be suitable in applications where traditional biometrics are difficult or impossible to adapt such as continuous or periodic re-verification of the user's identity etc.

Full Text Available This paw presents fusion detection technique comparisons based on support vector machine and its variations for a bimodal biometric verification system that makes use of face images and speech utterances. The system is essentially constructed by a face expert, a speech expert and a fusion decision module. Each individual expert has been optimized to operate in automatic mode and designed for security access application. Fusion decision schemes considered are linear, weighted Support Vector Machine (SVM and linear SVM with quadratic transformation. The conditions tested include the balanced and unbalanced conditions between the two experts in order to obtain the optimum fusion module from these techniques best suited to the target application.

As the plethora of approaches to biometrics and their deployment continues to grow, so too does the need to combat the techniques used to subvert the aim of such biometricsystems. Presenting the first definitive study of the subject, this Handbook of Biometric Anti-Spoofing reviews the state of the art in covert attacks against biometricsystems, and in deriving countermeasures to these attacks. Across a range of common biometrics, including face, iris, fingerprint, speaker and gait, the book describes spoofing methods and examines the vulnerabilities of biometricsystems to these attacks.

Biometrics is rapidly gaining acceptance as the technology that can meet the ever increasing need for security in critical applications. Biometricsystems automatically recognize individuals based on their physiological and behavioral characteristics. Hence, the fundamental requirement of any biometric recognition system is a human trait having several desirable properties like universality, distinctiveness, permanence, collectability, acceptability, and resistance to circumvention. However, a human characteristic that possesses all these properties has not yet been identified. As a result, none of the existing biometricsystems provide perfect recognition and there is a scope for improving the performance of these systems. Although characteristics like gender, ethnicity, age, height, weight and eye color are not unique and reliable, they provide some information about the user. We refer to these characteristics as "soft" biometric traits and argue that these traits can complement the identity information provided by the primary biometric identifiers like fingerprint and face. This paper presents the motivation for utilizing soft biometric information and analyzes how the soft biometric traits can be automatically extracted and incorporated in the decision making process of the primary biometricsystem. Preliminary experiments were conducted on a fingerprint database of 160 users by synthetically generating soft biometric traits like gender, ethnicity, and height based on known statistics. The results show that the use of additional soft biometric user information significantly improves (approximately 6%) the recognition performance of the fingerprint biometricsystem.

Biometrics security technology uses the physiological and ... verification and authentication methodology to verify how facial screening explores the different ... mouth, nose etc and stores the bio-information extracted from the face of every ...

With the increasing potential for gaming hardware and peripherals to support biometrics, their application within the games industry for software and design should be considered. This paper assesses the ability to use a form of biometric measurement, heart rate, in real-time to improve the challenge and enjoyment of a game by catering it to…

Spoof attack by replicating biometric traits represents a real threat to an automatic biometric verification/ authenticationsystem. This is because the system, originally designed to distinguish between genuine users from impostors, simply cannot distinguish between a replicated biometric sample (replica) from a live sample. An effective solution is to obtain some measures that can indicate whether or not a biometric trait has been tempered with, e.g., liveness detection measures. These measures are referred to as evidence of spoofing or anti-spoofing measures. In order to make the final accept/rejection decision, a straightforward solution to define two thresholds: one for the anti-spoofing measure, and another for the verification score. We compared two variants of a method that relies on applying two thresholds - one to the verification (matching) score and another to the anti-spoofing measure. Our experiments carried out using a signature database as well as by simulation show that both the brute-force and its probabilistic variant turn out to be optimal under different operating conditions.

Tongue is a vital internal organ well encased within the oral cavity and protected from the environment. It has unique features which differ from individual to individual and even between identical twins. The color, shape, and surface features are characteristic of every individual, and this serves as a tool for identification. Many modes of biometricsystems have come into existence such as fingerprint, iris scan, skin color, signature verification, voice recognition, and face recognition. The search for a new personal identification method secure has led to the use of the lingual impression or the tongue print as a method of biometricauthentication. Tongue characteristics exhibit sexual dimorphism thus aiding in the identification of the person. Emerging as a novel biometric tool, tongue prints also hold the promise of a potential forensic tool. This review highlights the uniqueness of tongue prints and its superiority over other biometric identification systems. The various methods of tongue print collection and the classification of tongue features are also elucidated.

Traditional authentication schemes utilize tokens or depend on some secret knowledge possessed by the user for verifying his or her identity. Although these techniques are widely used, they have several limitations. Both tokenand knowledge-based approaches cannot differentiate between an authorized user and an impersonator having access to the tokens or passwords. Biometrics-based authentication schemes overcome these limitations while offering usability advantages in the area of password management. However, despite its obvious advantages, the use of biometrics raises several security and privacy concerns.

The popularity of authentication via fingerprints, iris, face or other biometric features is growing. Hence there is an increasing need to allow a wide variety of verifying parties to have access to biometric template (or reference) data. In this paper, we discuss solutions to ensure that in a

This paper presents design and implementation of secured biometric template protection system by transforming the biometric template using binary chaotic signals and 3 different key streams to obtain another form of template and demonstrating its efficiency by the results and investigating on its security through analysis including, key space analysis, information entropy and key sensitivity analysis.

When two biometric specimens are compared using an automatic biometric recognition system, a similarity metric called “score‿ can be computed. In forensics, one of the biometric specimens is from an unknown source, for example, from a CCTV footage or a fingermark found at a crime scene and the other

The objective of this research is to develop a new robust fingerprint identification technology based upon forming surface-subsurface (under skin) ultrasonic 3D images of the finger pads. The presented work aims to create specialized ultrasonic scanning methods for biometric purposes. Preliminary research has demonstrated the applicability of acoustic microscopy for fingerprint reading. The additional information from internal skin layers and dermis structures contained in the scan can essentially improve confidence in the identification. Advantages of this system include high resolution and quick scanning time. Operating in pulse-echo mode provides spatial resolution up to 0.05 mm. Technology advantages of the proposed technology are the following: • Full-range scanning of the fingerprint area "nail to nail" (2.5 x 2.5 cm) can be done in less than 5 sec with a resolution of up to 1000 dpi. • Collection of information about the in-depth structure of the fingerprint realized by the set of spherically focused 50 MHz acoustic lens provide the resolution ~ 0.05 mm or better • In addition to fingerprints, this technology can identify sweat porous at the surface and under the skin • No sensitivity to the contamination of the finger's surface • Detection of blood velocity using Doppler effect can be implemented to distinguish living specimens • Utilization as polygraph device • Simple connectivity to fingerprint databases obtained with other techniques • The digitally interpolated images can then be enhanced allowing for greater resolution • Method can be applied to fingernails and underlying tissues, providing more information • A laboratory prototype of the biometricssystem based on these described principles was designed, built and tested. It is the first step toward a practical implementation of this technique.

The explosion of healthcare costs over the last decade has prompted the ICT industry to respond with solutions for reducing costs while improving healthcare quality. The ISO/IEEE 11073 family of standards recently released is the first step towards interoperability of mobile medical devices used in patient environments. The standards do not, however, tackle security problems, such as identity management, or the secure exchange of medical data. This paper proposes an enhancement of the ISO/IEEE 11073-20601 protocol with an identity management system based on biometry. The paper describes a novel biometric-based authentication process, together with the biometric key generation algorithm. The proposed extension of the ISO/IEEE 11073-20601 is also presented.

Full Text Available In this paper we propose a solution to obtain useful and reliable student session logs in a Learning Management System (LMS combining current logs with biometrics-based logs that show the student behaviour during the whole learning session. The aims of our solution are to guarantee that the online student is who he/she claims to be, and also to know exactly how much time he/she spends in front of the computer reading each LMS content. Even when the proposed solution does not completely avoid cheating, the use of biometric data during authentication and face tracking provides additional help to validate student performance during learning sessions. In this way it is possible to improve security for specific contents, to gain feedback of the student effort and to check the actual time spent in learning.

Fingerprints are considered as the sign of each human being, and this has contributed the development of biometric applications based on such features. Since 2002, an important vulnerability has been shown: it is possible to deceive fingerprint scanners through artificial replicas of fingertips. In order to address this shortcoming it is need to recognize a spoofing attempt with artificial fingers looking for some “life signs” each time an user submit a fingerprint (vitality detection problem...

What information is available in biometric features besides that needed for the biometric recognition process? What if a biometric feature contains Personally Identifiable Information? Will the whole biometricsystem become a threat to privacy? This paper is an attempt to quantifiy the link between

According to a popular aphorism, biometrics are turning the human body into a passport or a password. As usual, aphorisms say more than they intend. Taking the dictum seriously, we would be two: ourself and our body. Who are we, if we are not our body? And what is our body without us? The endless history of identification systems teaches that identification is not a trivial fact but always involves a web of economic interests, political relations, symbolic networks, narratives and meanings. Certainly there are reasons for the ethical and political concerns surrounding biometrics but these reasons are probably quite different from those usually alleged.

To ensure the actual presence of a real legitimate trait in contrast to a fake self-manufactured synthetic or reconstructed sample is a significant problem in biometricauthentication, which requires the development of new and efficient protection measures. In this paper, we present a novel software-based fake detection method that can be used in multiple biometricsystems to detect different types of fraudulent access attempts. The objective of the proposed system is to enhance the security of biometric recognition frameworks, by adding liveness assessment in a fast, user-friendly, and non-intrusive manner, through the use of image quality assessment. The proposed approach presents a very low degree of complexity, which makes it suitable for real-time applications, using 25 general image quality features extracted from one image (i.e., the same acquired for authentication purposes) to distinguish between legitimate and impostor samples. The experimental results, obtained on publicly available data sets of fingerprint, iris, and 2D face, show that the proposed method is highly competitive compared with other state-of-the-art approaches and that the analysis of the general image quality of real biometric samples reveals highly valuable information that may be very efficiently used to discriminate them from fake traits.

Current mechanical key in the motorcycle is prone to bulgary, being stolen or misplaced. Intelligent biometric voice recognition as means to replace this mechanism is proposed as an alternative. The proposed system will decide whether the voice is belong to the user or not and the word utter by the user is ‘On’ or ‘Off’. The decision voice will be sent to Arduino in order to start or stop the engine. The recorded voice is processed in order to get some features which later be used as input to the proposed system. The Mel-Frequency Ceptral Coefficient (MFCC) is adopted as a feature extraction technique. The extracted feature is the used as input to the SVM-based identifier. Experimental results confirm the effectiveness of the proposed intelligent voice recognition and word recognition system. It show that the proposed method produces a good training and testing accuracy, 99.31% and 99.43%, respectively. Moreover, the proposed system shows the performance of false rejection rate (FRR) and false acceptance rate (FAR) accuracy of 0.18% and 17.58%, respectively. In the intelligent word recognition shows that the training and testing accuracy are 100% and 96.3%, respectively.

This paper describes an ongoing instrument development project to distinguish genuine manufactured components from counterfeit components; we call the instrument ASSURES (Authentication Sensing System Using Resonance Evaluation Spectroscopy). The system combines Laser Doppler Vibrometry with acoustical resonance spectroscopy, augmented with finite element analysis. Vibrational properties of components, such as resonant modes, damping, and spectral frequency response to various forcing functions depend strongly upon the mechanical properties of the material, including its size, shape, internal hardness, tensile strength, alloy/composite compositions, flaws, defects, and other internal material properties. Although acoustic resonant spectroscopy has seen limited application, the information rich signals in the vibrational spectra of objects provide a pathway to many new applications. Components with the same shape but made of different materials, different fatigue histories, damage, tampering, or heat treatment, will respond differently to high frequency stimulation. Laser Doppler Vibrometry offers high sensitivity and frequency bandwidth to measure the component's frequency spectrum, and overcomes many issues that limit conventional acoustical resonance spectroscopy, since the sensor laser beam can be aimed anywhere along the part as well as to multiple locations on a part in a non-contact way. ASSURES is especially promising for use in additive manufacturing technology by providing signatures as digital codes that are unique to specific objects and even to specific locations on objects. We believe that such signatures can be employed to address many important issues in the manufacturing industry. These include insuring the part meets the often very rigid specifications of the customer and being able to detect non-visible internal manufacturing defects or non-visible damage that has occurred after manufacturing.

This project deals with authentication by a mobile device. The mobile device with the operating system Android 5.0 was chosen as authentication device. The user can perform authentication with emulation of contactless chip cards by using Host-based Card Emulation, which runs via Near Field Communication, where cryptographic keys are stored in a secure environment KeyStore. The project continues with implementation of authentication via Bluetooth LE and describes application for authentization...

The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. The emerging privacy and security are always a matter of great concern in TMIS. Recently, Chen at al. presented a password based authentication schemes to address the privacy and security. Later on, it is proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.'s anonymous authentication scheme, several password based authentication schemes have been proposed using public key cryptosystem. However, most of them do not present pre-smart card authentication which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.

In this paper, an optical security system has been proposed in which key of the double random phase encoding technique is linked to the biometrics of the user to make it user specific. The error in recognition due to the biometric variation is corrected by encoding the key using the BCH code. A user specific shuffling key is used to increase the separation between genuine and impostor Hamming distance distribution. This shuffling key is then further secured using the RSA public key encryption to enhance the security of the system. XOR operation is performed between the encoded key and the feature vector obtained from the biometrics. The RSA encoded shuffling key and the data obtained from the XOR operation are stored into a token. The main advantage of the present technique is that the key retrieval is possible only in the simultaneous presence of the token and the biometrics of the user which not only authenticates the presence of the original input but also secures the key of the system. Computational experiments showed the effectiveness of the proposed technique for key retrieval in the decryption process by using the live biometrics of the user.

A software package that has been designed to allow authentication for determining if the rover(s) is/are within a set of boundaries or a specific area to access critical geospatial information by using GPS signal structures as a means to authenticate mobile devices into a network wirelessly and in real-time. The advantage lies in that the system only allows those with designated geospatial boundaries or areas into the server.

Biometrics is used to uniquely identify a person‘s individual based on physical and behavioural characteristics. Unimodal biometricsystem contains various problems such as degree of freedom, spoof attacks, non-universality, noisy data and error rates. Multimodal biometrics is introduced to overcome the limitations in Unimodal biometrics. The presented methodology extracts the features of four biometric traits such as fingerprint, palm, iris and retina. Then extracted features are fused in th...

The use of an individual's neural response to stimuli (the event-related potential or ERP) has potential as a biometric because it is highly resistant to fraud relative to other conventional authenticationsystems. P300 is an ERP in human electroencephalography (EEG) that occurs in response to an oddball stimulus when an individual is actively engaged in a target detection task. Because P300 is consistently detectable from almost every subject, it is considered a potential signal for biometric applications. This paper presents a feasibility study of using topological plots of P300 as a biometric in subject authentication. The variation in latency and location of P300 response of 24 participants performing the P300Speller task were studied. Data sets from four participants were used for algorithm training; data from the other 20 participants were used as imposters for algorithm validation. The result showed that the algorithm was able to correctly identify three out of these four participants. Validation test also proved that the algorithm was able to reject 95% of the imposters for those three authenticated participants.

Full text: Radiation measurement and systems are central to the affirmation of compliance with nuclear material control agreements associated with a variety of arms control and non-proliferation regimes. A number of radiation measurement systems are under development for this purpose, and the correct functioning of these systems will be authenticated. Authentication is the process by which a monitoring party to an agreement is assured that measurement systems are assembled as designed, function as designed, and do not contain hidden features that allow the passing of material inconsistent with an accepted declaration. Attribute measurement systems are specific examples of radiation measurement systems that are being developed in the United States and the Russian Federation. Under one bilateral agreement, the U.S. Department of Defense, Defense Threat Reduction Agency, Cooperative Threat Reduction (DoD DTRA/CTR) Program is constructing a Fissile Material Storage Facility (FMSF) at Mayak to hold up to 50 tons of plutonium from the disassembly of Russian Federation nuclear weapons. Negotiations are being held between the U.S. and the Russian Federation for cooperative development of attribute measurement systems to provide confidence that the material is of weapons origin and other purposes. Pacific Northwest National Laboratory is leading the authentication effort for U.S. interests at FMSF. There are two basic requirements for an attribute measurement system: protection of classified information, and assurance of credible performance of the system for the measurement. The technology used to protect classified information is referred to as an information barrier. An information barrier consists of technology and procedures that prevent the release of host-country classified information to a monitoring party during a joint inspection of a sensitive item. Information barriers are used on monitoring systems that are exposed to host-party classified materials

Automated Teller Machine (ATM) is an electronic banking outlet that allows bank customers to complete a banking transactions without the aid of any bank official or teller. Several problems are associated with the use of ATM card such card cloning, card damaging, card expiring, cast skimming, cost of issuance and maintenance and accessing customer account by third parties. The aim of this project is to give a freedom to the user by changing the card to biometric security system to access the bank account using Advanced Encryption Standard (AES) algorithm. The project is implemented using Field Programmable Gate Array (FPGA) DE2-115 board with Cyclone IV device, fingerprint scanner, and Multi-Touch Liquid Crystal Display (LCD) Second Edition (MTL2) using Very High Speed Integrated Circuit Hardware (VHSIC) Description Language (VHDL). This project used 128-bits AES for recommend the device with the throughput around 19.016Gbps and utilized around 520 slices. This design offers a secure banking transaction with a low rea and high performance and very suited for restricted space environments for small amounts of RAM or ROM where either encryption or decryption is performed.

Full Text Available The ideal real time personal authenticationsystem should be fast and accurate to automatically identify a person’s identity. In this paper, we have proposed a palmprint based biometricauthentication method with improvement in time and accuracy, so as to make it a real time palmprint authenticationsystem. Several edge detection methods, wavelet transform, phase congruency etc. are available to extract line feature from the palmprint. In this paper, Multi-scale Sobel Code operators of different orientations (0?, 45?, 90?, and 135? are applied to the palmprint to extract Sobel-Palmprint features in different direc- tions. The Sobel-Palmprint features extracted are stored in Sobel- Palmprint feature vector and matched using sliding window with Hamming Distance similarity measurement method. The sliding win- dow method is accurate but time taking process. In this paper, we have improved the sliding window method so that the matching time reduces. It is observed that there is 39.36% improvement in matching time. In addition, a Min Max Threshold Range (MMTR method is proposed that helps in increasing overall system accuracy by reducing the False Acceptance Rate (FAR. Experimental results indicate that the MMTR method improves the False Acceptance Rate drastically and improvement in sliding window method reduces the comparison time. The accuracy improvement and matching time improvement leads to proposed real time authenticationsystem.

The emergence of the Personal Health Record (PHR) has made individual health information more readily accessible to a wide range of users including patients, consumers, practitioners, and healthcare providers. However, increased accessibility of PHR threatens the confidentiality, privacy, and security of personalized health information. Therefore, a need for robust and reliable forms of authentication is of prime concern. The concept of biometricauthentication is now highly visible to healthcare providers as a technology to prevent unauthorized access to individual health information. Implementing biometricauthentication mechanisms to protect PHR facilitates access control and secure exchange of health information. In this paper, a literature review is used to explore the key benefits, technical barriers, challenges, and ethical implications for using biometricauthentication in PHR.

Organizations continue to rely on password-based authentication methods to control access to many Web-based systems. This research study developed a benchmarking instrument intended to assess authentication methods used in Web-based information systems (IS). It developed an Authentication Method System Index (AMSI) to analyze collected data from…

Full Text Available The authentication schemes for telecare medical information systems (TMIS try to ensure secure and authorized access. ID-based authentication schemes address secure communication, but privacy is not properly addressed. In recent times, dynamic ID-based remote user authentication schemes for TMIS have been presented to protect user’s privacy. The dynamic ID-based authentication schemes efficiently protect the user’s privacy. Unfortunately, most of the existing dynamic ID-based authentication schemes for TMIS ignore the input verifying condition. This makes login and password change phases inefficient. Inefficiency of the password change phase may lead to denial of service attack in the case of incorrect input in the password change phase. To overcome these weaknesses, we proposed a new dynamic ID-based authentication scheme using a smart card. The proposed scheme can quickly detect incorrect inputs which makes the login and password change phase efficient. We adopt the approach with the aim to protect privacy, and efficient login and password change phases. The proposed scheme also resists off-line password guessing attack and denial of service attack. We also demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham logic. In addition, our scheme is comparable in terms of the communication and computational overheads with relevant schemes for TMIS.

The widespread use of computers throughout modern society introduces the necessity for usable and counterfeit-resistant authentication methods to ensure secure access to personal resources such as bank accounts, e-mail, and social media. Current authentication methods require tedious memorization of lengthy pass phrases, are often prone to shouldersurfing, and may be easily replicated (either by counterfeiting parts of the human body or by guessing an authentication token based on readily available information). This paper describes preliminary work toward a counterfeit-resistant usable eye movement-based (CUE) authentication method. CUE does not require any passwords (improving the memorability aspect of the authenticationsystem), and aims to provide high resistance to spoofing and shoulder-surfing by employing the combined biometric capabilities of two behavioral biometric traits: 1) oculomotor plant characteristics (OPC) which represent the internal, non-visible, anatomical structure of the eye; 2) complex eye movement patterns (CEM) which represent the strategies employed by the brain to guide visual attention. Both OPC and CEM are extracted from the eye movement signal provided by an eye tracking system. Preliminary results indicate that the fusion of OPC and CEM traits is capable of providing a 30% reduction in authentication error when compared to the authentication accuracy of individual traits.

Large multicomponent Operator-provided C and S systems with computer control, such as the pioneering Japanese Fast Critical Assembly Portal Monitor (FCA P/M), can efficiently meet evolving IAEA C and S requirements but they present substantial challenges to the IAEA's need to authenticate the data produced. To authenticate such systems by traditional IAEA methods would require a prohibitive expenditure of resources to ensure that each individual component is provided with credible tamper indication and that the control and interpretation of the data is appropriate. Consequently, in parallel with the FCA P/M field trial currently underway in Japan, the IAEA has initiated a programme aimed at producing resource-efficient and credible authentication of the system. Although initially focused on the P/M system, the methods under consideration are applicable to other similar Operator-provided systems

The acute toxic class (ATC) methods were developed for determining LD(50)/LC(50) estimates of chemical substances with significantly fewer animals than needed when applying conventional LD(50)/LC(50) tests. The ATC methods are sequential stepwise procedures with fixed starting doses/concentrations and a maximum of six animals used per dose/concentration. The numbers of dead/moribund animals determine whether further testing is necessary or whether the test is terminated. In recent years we have developed classification procedures for the oral, dermal and inhalation routes of administration by using biometric methods. The biometric approach assumes a probit model for the mortality probability of a single animal and assigns the chemical to that toxicity class for which the best concordance is achieved between the statistically expected and the observed numbers of dead/moribund animals at the various steps of the test procedure. In previous publications we have demonstrated the validity of the biometric ATC methods on the basis of data obtained for the oral ATC method in two-animal ring studies with 15 participants from six countries. Although the test procedures and biometric evaluations for the dermal and inhalation ATC methods have already been published, there was a need for an adaptation of the classification schemes to the starting doses/concentrations of the Globally Harmonized Classification System (GHS) recently adopted by the Organization for Economic Co-operation and Development (OECD). Here we present the biometric evaluation of the dermal and inhalation ATC methods for the starting doses/concentrations of the GHS and of some other international classification systems still in use. We have developed new test procedures and decision rules for the dermal and inhalation ATC methods, which require significantly fewer animals to provide predictions of toxicity classes, that are equally good or even better than those achieved by using the conventional LD(50)/LC

The sampling for analysis from vessels and columns at the Rokkasho Reprocessing Plant (RRP) is performed mostly by the automatic sampling system. The safeguards sample for the verification also will be taken using these sampling systems and transfer to the OSL though the pneumatic transfer network owned and controlled by operator. In order to maintaining sample integrity and continuity of knowledge (CoK) for throughout the sample processing. It is essential to develop and establish the authentication measures for the automatic sampling system including transfer network. We have developed the Automatic Sampling AuthenticationSystem (ASAS) under consultation by IAEA. This paper describes structure, function and concept of ASAS. (author)

Full Text Available detection technique that analyses the fingerprint biometric network traffic for evidence of intrusion. The neural network algorithm that imitates the way a human brain works is used in this study to classify normal traffic and learn the correct traffic...

With rapid development of computer technology and wide use of mobile devices, the telecare medicine information system has become universal in the field of medical care. To protect patients' privacy and medial data's security, many authentication schemes for the telecare medicine information system have been proposed. Due to its better performance, chaotic maps have been used in the design of authentication schemes for the telecare medicine information system. However, most of them cannot provide user's anonymity. Recently, Lin proposed a dynamic identity based authentication scheme using chaotic maps for the telecare medicine information system and claimed that their scheme was secure against existential active attacks. In this paper, we will demonstrate that their scheme cannot provide user anonymity and is vulnerable to the impersonation attack. Further, we propose an improved scheme to fix security flaws in Lin's scheme and demonstrate the proposed scheme could withstand various attacks.

Biometric security is a topic of rapidly growing importance in the areas of user authentication and cryptographic key generation. In this paper, we describe our steps toward developing evaluation methodologies for behavioral biometrics that take into account threat models that have been largely ignored. We argue that the pervasive assumption that forgers are minimally motivated (or, even worse, naive) is too optimistic and even dangerous. Taking handwriting as a case in point, we show through a series of experiments that some users are significantly better forgers than others, that such forgers can be trained in a relatively straightforward fashion to pose an even greater threat, that certain users are easy targets for forgers, and that most humans are a relatively poor judge of handwriting authenticity, and hence, their unaided instincts cannot be trusted. Additionally, to overcome current labor-intensive hurdles in performing more accurate assessments of system security, we present a generative attack model based on concatenative synthesis that can provide a rapid indication of the security afforded by the system. We show that our generative attacks match or exceed the effectiveness of forgeries rendered by the skilled humans we have encountered.

Full Text Available Mobile authentication can be used to verify a mobile user’s identity. Normally this is accomplished through the use of logon passwords, but this can raise the secret-key agreement problem between entities. This issue can be resolved by using a public-key cryptosystem, but mobile devices have limited computation ability and battery capacity and a PKI is needed. In this paper, we propose an efficient, non-PKI, authenticated, and blind issued symmetric key protocol for mobile access control systems. An easy-to-deploy authentication and authenticated key agreement system is designed such that empowered mobile devices can directly authorize other mobile devices to exchange keys with the server upon authentication using a non-PKI system without trusted parties. Empowered mobile users do not know the key value of the other mobile devices, preventing users from impersonating other individuals. Also, for security considerations, this system can revoke specific keys or keys issued by a specific user. The scheme is secure, efficient, and feasible and can be implemented in existing environments.

Radio Frequency Identification (RFID) based solutions are widely used for providing many healthcare applications include patient monitoring, object traceability, drug administration system and telecare medicine information system (TMIS) etc. In order to reduce malpractices and ensure patient privacy, in 2015, Srivastava et al. proposed a hash based RFID tag authentication protocol in TMIS. Their protocol uses lightweight hash operation and synchronized secret value shared between back-end server and tag, which is more secure and efficient than other related RFID authentication protocols. Unfortunately, in this paper, we demonstrate that Srivastava et al.'s tag authentication protocol has a serious security problem in that an adversary may use the stolen/lost reader to connect to the medical back-end server that store information associated with tagged objects and this privacy damage causing the adversary could reveal medical data obtained from stolen/lost readers in a malicious way. Therefore, we propose a secure and efficient RFID tag authentication protocol to overcome security flaws and improve the system efficiency. Compared with Srivastava et al.'s protocol, the proposed protocol not only inherits the advantages of Srivastava et al.'s authentication protocol for TMIS but also provides better security with high system efficiency.

Secure data encryption relies heavily on one-way functions, and copy protection relies on features that are difficult to reproduce. We present an optical authenticationsystem based on lanthanide luminescence from physical one-way functions or physical unclonable functions (PUFs). They cannot be reproduced and thus enable unbreakable encryption. Further, PUFs will prevent counterfeiting if tags with unique PUFs are grafted onto products. We have developed an authenticationsystem that comprises a hardware reader, image analysis, and authentication software and physical keys that we demonstrate as an anticounterfeiting system. The physical keys are PUFs made from random patterns of taggants in polymer films on glass that can be imaged following selected excitation of particular lanthanide(III) ions doped into the individual taggants. This form of excitation-selected imaging ensures that by using at least two lanthanide(III) ion dopants, the random patterns cannot be copied, because the excitation selection will fail when using any other emitter. With the developed reader and software, the random patterns are read and digitized, which allows a digital pattern to be stored. This digital pattern or digital key can be used to authenticate the physical key in anticounterfeiting or to encrypt any message. The PUF key was produced with a staggering nominal encoding capacity of 7 3600 . Although the encoding capacity of the realized authenticationsystem reduces to 6 × 10 104 , it is more than sufficient to completely preclude counterfeiting of products.

This paper presents an R&D framework used by the National Institute of Standards and Technology (NIST) for biometric technology testing and evaluation. The focus of this paper is on fingerprint-based verification and identification. Since 9-11 the NIST Image Group has been mandated by Congress to run a program for biometric technology assessment and biometricsystems certification. Four essential areas of activity are discussed: 1) developing test datasets, 2) conducting performance assessment; 3) technology development; and 4) standards participation. A description of activities and accomplishments are provided for each of these areas. In the process, methods of performance testing are described and results from specific biometric technology evaluations are presented. This framework is anticipated to have broad applicability to other technology and application domains.

The need for personal identification is growing in many avenues of society. To "identify" a person is to establish a link between his or her observed characteristics and those previously stored in a database. To "authenticate" is to decide whether or not someone is the person he or she claims to be. These two objectives can now be achieved by analysing biometric data and genetic prints. All biometric techniques proceed in several stages: acquisition of an image or physical parameters, encoding them with a mathematical model, comparing the results of this model with those contained in the database, and calculating the error risk. These techniques must be usable worldwide and must examine specific and permanent personal data. The most widely used are facial recognition, digital prints (flexion folds and dermatoglyphs, that offer the advantage of leaving marks), and the surface and texture of the iris. Other biometric techniques analyse behaviours such as walking, signing, typing, or speaking. Implanted radio-transmitters are another means of identification. All these systems are evaluated on the basis of the same parameters, namely the false rejection rate, the false acceptance rate, and the failure-to-enrol rate. The uses of biometrics are increasing and diversifying, and now include national and international identification systems, control of access to protected sites, criminal and victim identification, and transaction security. Genetic methods can identify individuals almost infallibly, based on short tandem repeats of 2-5 nucleotides, or microsatellites. The most recent kits analyze 11-16 independent autosomal markers. Mitochondrial DNA and Y chromosome DNA can also be analyzed. These genetic tests are currently used to identify suspected criminals or their victims from biological samples, and to establish paternity. Personal identification raises many ethical questions, however, such as when to create and how to use a database while preserving personal freedom

Full text: In vivo lung measurement is a widely used method for nuclear workers monitoring. This technique consists of assessing retained activity in lungs after an inhalation, by means of an external direct measurement of x- or gamma rays emitted during disintegration of incorporated nuclides. This estimation is always done by comparing the measurement of the subject to the measurement obtained using a physical calibration phantom. However, due to emissions by actinides of x and γ-rays with energies below 200 keV and low emission ratio, calibration of in vivo measurement systems is very delicate, leading to important systematic errors despite the improvements realized in the design of sophisticated phantoms. Moreover, in France, calibration factors for a given subject are generally corrected thanks to biometric equations determining chest wall thickness according to weight/height ratio of the measured person. Nevertheless these equations were determined for a 2, 3 or 6 detectors system in chair geometry and for American subjects, that doesn't represent the geometry encountered in French laboratories. The work presented here is dedicated to the determination of new biometric equations more adapted to the French measurement systems using 4 germanium detectors in bed geometry with a Livermore calibration phantom. These equations were determined on the basis of computed tomography (CT) images of 33 adult males and for energies of 17 and 60 keV (respectively full absorption peaks of 239 Pu and 241 Am). These biometric equations which can be directly converted into Livermore chest thicknesses, were calculated for all kinds of Livermore phantoms: 16 mm and 19 mm torso plate (100 % muscle equivalent) and for all composition of overlay plates (100 % muscle; 50 % muscle-50 % adipose; 13 % muscle-87 % adipose). The obtained results could directly be used in the different European radiobioassay laboratories to improve the calibration of in vivo lung counting systems. (author)

Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS have either higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both the schemes provide better efficiency from the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s schemes. Unfortunately, we identify that both the schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes which are the key of patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.

This is the final report of a one-year, Laboratory-Directed Research and Development (LDRD) project at the Los Alamos National Laboratory (LANL). We won a 1994 R&D 100 Award for inventing the Bartas Iris Verification System. The system has been delivered to a sponsor and is no longer available to us. This technology can verify the identity of a person for purposes of access control, national security, law enforcement, forensics, counter-terrorism, and medical, financial, or scholastic records. The technique is non-invasive, psychologically acceptable, works in real-time, and obtains more biometric data than any other biometric except DNA analysis. This project sought to develop a new, second-generation prototype instrument.

Full Text Available The method of biometric cryptosystem designed on the basis of fuzzy extractor, in which main disadvantages of biometric and cryptographic systems are absent, is considered. The main idea of this work is a control of identity recognition errors with use of fuzzy extractor which operates with Reed – Solomon correcting code. The fingerprint features vector is considered as a biometric user identifier.

With the rapid development of wireless communication technologies and the growing prevalence of smart devices, telecare medical information system (TMIS) allows patients to receive medical treatments from the doctors via Internet technology without visiting hospitals in person. By adopting mobile device, cloud-assisted platform and wireless body area network, the patients can collect their physiological conditions and upload them to medical cloud via their mobile devices, enabling caregivers or doctors to provide patients with appropriate treatments at anytime and anywhere. In order to protect the medical privacy of the patient and guarantee reliability of the system, before accessing the TMIS, all system participants must be authenticated. Mohit et al. recently suggested a lightweight authentication protocol for cloud-based health care system. They claimed their protocol ensures resilience of all well-known security attacks and has several important features such as mutual authentication and patient anonymity. In this paper, we demonstrate that Mohit et al.'s authentication protocol has various security flaws and we further introduce an enhanced version of their protocol for cloud-assisted TMIS, which can ensure patient anonymity and patient unlinkability and prevent the security threats of report revelation and report forgery attacks. The security analysis proves that our enhanced protocol is secure against various known attacks as well as found in Mohit et al.'s protocol. Compared with existing related protocols, our enhanced protocol keeps the merits of all desirable security requirements and also maintains the efficiency in terms of computation costs for cloud-assisted TMIS. We propose a more secure mutual authentication and privacy preservation protocol for cloud-assisted TMIS, which fixes the mentioned security weaknesses found in Mohit et al.'s protocol. According to our analysis, our authentication protocol satisfies most functionality features

International audience; Biometric templates are often used in intelligent human computer interaction systems that include automated access control and personalization of user interaction. The effectiveness of biometricsystems is directly linked with aging that causes modifications on biometric features. For example the long term performance of person identification systems decreases as biometric templates derived from aged subjects may display substantial differences when compared to referen...

This Common Criteria approach has been applied to create a definition of Authentication Assurance Levels that can quantify the level of assurance reached for a system subject to a set of authentication procedures. The arms-control authentication application of the Common Criteria expands on more typical information security evaluations in that it must contend with information barriers and preclude sophisticated intentional subversion attempts.

The rapidly increased availability of always-on broadband telecommunication environments and lower-cost vital signs monitoring devices bring the advantages of telemedicine directly into the patient's home. Hence, the control of access to remote medical servers' resources has become a crucial challenge. A secure authentication scheme between the medical server and remote users is therefore needed to safeguard data integrity, confidentiality and to ensure availability. Recently, many authentication schemes that use low-cost mobile devices have been proposed to meet these requirements. In contrast to previous schemes, Khan et al. proposed a dynamic ID-based remote user authentication scheme that reduces computational complexity and includes features such as a provision for the revocation of lost or stolen smart cards and a time expiry check for the authentication process. However, Khan et al.'s scheme has some security drawbacks. To remedy theses, this study proposes an enhanced authentication scheme that overcomes the weaknesses inherent in Khan et al.'s scheme and demonstrated this scheme is more secure and robust for use in a telecare medical information system.

The effort to define guidance for authentication of software for arms control and nuclear material transparency measurements draws on a variety of disciplines and has involved synthesizing established criteria and practices with newer methods. Challenges include the need to protect classified information that the software manipulates as well as deal with the rapid pace of innovation in the technology of nuclear material monitoring. The resulting guidance will shape the design of future systems and inform the process of authentication of instruments now being developed. This paper explores the technical issues underlying the guidance and presents its major tenets

In these days, wearable devices have been developed for effectively measuring biological data. However, these devices have tissue allege and noise problem. To solve these problems, biometric measurement based on a non-contact method, such as face image sequencing is developed. This makes it possible to measure biometric data without any operation and side effects. However, it is impossible for a remote center to identify the person whose data are measured by the novel methods. In this paper, we propose the novel non-contact heart rate and blood pressure imaging system, Deep Health Eye. This system has authentication process at the same time as measuring bio signals, through non-contact method. In the future, this system can be convenient home bio signal monitoring system by combined with smart mirror.

Full Text Available Online banking applications are used by more and more people all over the world. Most of the banks are providing these services to their customers. The authentication methods varies from the basic user and password to username and a onetime password (OTP generated by a virtual or a physical digipass. The common thing among authentication methods is that the login wepage is provided through a secure channel. Some banks have introduced (especially for testing purposes the authentication using common biometric characteristics, like fingerprint, voice or keystroke recognition. This paper will present some of the most common online banking authentication methods, together with basic biometric characteristics that could be used in these applications. The security in internet banking applications can be improved by using biometrics for the authentication process. Also, the authors have developed an application for authentication of users using fingerprint as the main characteristic, which will be presented at the end of this paper.

In recent years, safer and more reliable biometric methods have been developed. Apart from the need for enhanced security, the media and entertainment sectors have also been applying biometrics in the emerging market of user-adaptable objects/systems to make these systems more user-friendly. However, the complexity of some state-of-the-art biometricsystems (e.g., iris recognition) or their high false rejection rate (e.g., fingerprint recognition) is neither compatible with the simple hardware architecture required by reduced-size devices nor the new trend of implementing smart objects within the dynamic market of the Internet of Things (IoT). It was recently shown that an individual can be recognized by extracting features from their electrocardiogram (ECG). However, most current ECG-based biometric algorithms are computationally demanding and/or rely on relatively large (several seconds) ECG samples, which are incompatible with the aforementioned application fields. Here, we present a computationally low-cost method (patent pending), including simple mathematical operations, for identifying a person using only three ECG morphology-based characteristics from a single heartbeat. The algorithm was trained/tested using ECG signals of different duration from the Physionet database on more than 60 different training/test datasets. The proposed method achieved maximal averaged accuracy of 97.450% in distinguishing each subject from a ten-subject set and false acceptance and rejection rates (FAR and FRR) of 5.710±1.900% and 3.440±1.980%, respectively, placing Beat-ID in a very competitive position in terms of the FRR/FAR among state-of-the-art methods. Furthermore, the proposed method can identify a person using an average of 1.020 heartbeats. It therefore has FRR/FAR behavior similar to obtaining a fingerprint, yet it is simpler and requires less expensive hardware. This method targets low-computational/energy-cost scenarios, such as tiny wearable devices (e.g., a

Nowadays, with comprehensive employment of the internet, healthcare delivery services is provided remotely by telecare medicine information systems (TMISs). A secure mechanism for authentication and key agreement is one of the most important security requirements for TMISs. Recently, Tan proposed a user anonymity preserving three-factor authentication scheme for TMIS. The present paper shows that Tan's scheme is vulnerable to replay attacks and Denial-of-Service attacks. In order to overcome these security flaws, a new and efficient three-factor anonymous authentication and key agreement scheme for TMIS is proposed. Security and performance analysis shows superiority of the proposed scheme in comparison with previously proposed schemes that are related to security of TMISs.

As we embrace the information and communication technology in our everyday activities and day-to-day transactions, security concerns have increasingly come to light, especially in some of the critical areas of our society today such as education, health and commerce, where such security concerns are even higher.

Privacy and security are vital concerns for practical biometricsystems. The concept of cancelable or revocable biometrics has been proposed as a solution for biometric template security. Revocable biometric means that biometric templates are no longer fixed over time and could be revoked in the same way as lost or stolen credit cards are. In this paper, we describe a novel and an efficient approach to biometric template protection that meets the revocability property. This scheme can be incorporated into any biometric verification scheme while maintaining, if not improving, the accuracy of the original biometricsystem. However, we shall demonstrate the result of applying such transforms on face biometric templates and compare the efficiency of our approach with that of the well-known random projection techniques. We shall also present the results of experimental work on recognition accuracy before and after applying the proposed transform on feature vectors that are generated by wavelet transforms. These results are based on experiments conducted on a number of well-known face image databases, e.g. Yale and ORL databases.

Division Information Directorate This report is published in the interest of scientific and technical information exchange, and its publication does...CA policy clarification memorandum dated 16 Jan 09. 13. SUPPLEMENTARY NOTES 14. ABSTRACT Design, develop and evaluate a desktop based active...of this project was to design, develop and evaluate a desktop active authenticationsystem that uses the following keystroke timing based biometric

Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients' medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.

The implementation of biometrics entails either the establishment of an identity or tracing a person's identity. Biometric passport data (e.g., irises, fingers, faces) can be used in order to verify a passenger's identity. The proposed Passenger Name Record (PNR) system contains all the information necessary to enable reservations to be processed and controlled by the booking and participating air carriers for each journey booked by or on behalf of any person. PNR data are related to travel movements, usually flights, and include passport data, name, address, telephone numbers, travel agent, credit card number, history of changes in the flight schedule, seat preferences, and other information. In the aftermath of the September 11 attacks, a new emergency political-law status of society was established: the continuous state of "war" against the so-called unlawful combatants of the "enemy". Officially, the enemy is the terrorists, but the victims of the privacy invasions caused by the above new form of data processing are the civilians. The data processing based on biometrics is covered both by Directive 95/46 EC and Article 8 of the Convention on the Protection of Human Rights and Fundamental Freedoms (now the European Convention on Human Rights, "ECHR"). According to Article 2, Paragraph a of the above Directive, personal data shall mean any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his/her physical, physiological, mental, economic, cultural, or social identity.

Full Text Available The implementation of biometrics entails either the establishment of an identity or tracing a person's identity. Biometric passport data (e.g., irises, fingers, faces can be used in order to verify a passenger's identity. The proposed Passenger Name Record (PNR system contains all the information necessary to enable reservations to be processed and controlled by the booking and participating air carriers for each journey booked by or on behalf of any person. PNR data are related to travel movements, usually flights, and include passport data, name, address, telephone numbers, travel agent, credit card number, history of changes in the flight schedule, seat preferences, and other information. In the aftermath of the September 11 attacks, a new emergency political-law status of society was established: the continuous state of “war” against the so-called unlawful combatants of the “enemy”. Officially, the enemy is the terrorists, but the victims of the privacy invasions caused by the above new form of data processing are the civilians. The data processing based on biometrics is covered both by Directive 95/46 EC and Article 8 of the Convention on the Protection of Human Rights and Fundamental Freedoms (now the European Convention on Human Rights, “ECHR”. According to Article 2, Paragraph a of the above Directive, personal data shall mean any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his/her physical, physiological, mental, economic, cultural, or social identity.

Full Text Available The reasonability for the usage of computer systems user voice in the authentication process is proved. The scientific task for improving the signal/noise ratio of the user voice signal in the authenticationsystem is considered. The object of study is the process of input and output of the voice signal of authenticationsystem user in computer systems and networks. Methods and means for input and extraction of voice signal against external interference signals are researched. Methods for quality enhancement of user voice signal in voice authenticationsystems are suggested. As modern computer facilities, including mobile ones, have two-channel audio card, the usage of two microphones is proposed in the voice signal input system of authenticationsystem. Meanwhile, the task of forming a lobe of microphone array in a desired area of voice signal registration (100 Hz to 8 kHz is solved. The usage of directional properties of the proposed microphone array gives the possibility to have the influence of external interference signals two or three times less in the frequency range from 4 to 8 kHz. The possibilities for implementation of space-time processing of the recorded signals using constant and adaptive weighting factors are investigated. The simulation results of the proposed system for input and extraction of signals during digital processing of narrowband signals are presented. The proposed solutions make it possible to improve the value of the signal/noise ratio of the useful signals recorded up to 10, ..., 20 dB under the influence of external interference signals in the frequency range from 4 to 8 kHz. The results may be useful to specialists working in the field of voice recognition and speaker’s discrimination.

Connected health care provides new opportunities for improving financial and clinical performance. Many connected health care applications such as telecare medicine information system, personally controlled health records system, and patient monitoring have been proposed. Correct and quality care is the goal of connected heath care, and user authentication can ensure the legality of patients. After reviewing authentication schemes for connected health care applications, we find that many of them cannot protect patient privacy such that others can trace users/patients by the transmitted data. And the verification tokens used by these authentication schemes to authenticate users or servers are only password, smart card and RFID tag. Actually, these verification tokens are not unique and easy to copy. On the other hand, biometric characteristics, such as iris, face, voiceprint, fingerprint and so on, are unique, easy to be verified, and hard to be copied. In this paper, a biometrics-based user authentication scheme will be proposed to ensure uniqueness and anonymity at the same time. With the proposed scheme, only the legal user/patient himself/herself can access the remote server, and no one can trace him/her according to transmitted data.

Full Text Available Biometricsystems are automatic tools used to provide authentication during various applications of modern computing. In this work, three different design frameworks for multimodal biometricsystems based on fingerprint and hand geometry modalities are proposed. An analysis is also presented to diagnose various types of template security issues in the proposed system. Fuzzy analytic hierarchy process (FAHP is applied with five decision parameters on all the designs and framework 1 is found to be better in terms of template data security, templates fusion and computational efficiency. It is noticed that template data security before storage in database is a challenging task. An important observation is that a template may be secured at feature fusion level and an indexing technique may be used to improve the size of secured templates.

The technology of IoT combined with medical systems is expected to support advanced medical services. However, unsolved security problems, such as misuse of medical devices, illegal access to the medical server and so on, make IoT-based medical systems not be applied widely. In addition, users have a high burden of computation to access Things for the explosive growth of IoT devices. Because medical information is critical and important, but users have a restricted computing power, IoT-based medical systems are required to provide secure and efficient authentication for users. In this paper, we propose a selective group authentication scheme using Shamir's threshold technique. The property of selectivity gives the right of choice to users to form a group which consists of things users select and access. And users can get an access authority for those Things at a time. Thus, our scheme provides an efficient user authentication for multiple Things and conditional access authority for safe IoT-based medical information system. To the best of our knowledge, our proposed scheme is the first in which selectivity is combined with group authentication in IoT environments.

Full Text Available A secure and distributed framework for the management of patients’ information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth scheme for managing patients’ data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed.

A secure and distributed framework for the management of patients' information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients' data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed.

This paper describes a network identity authentication protocol of bank account system based on fingerprint identification and mixed encryption. This protocol can provide every bank user a safe and effective way to manage his own bank account, and also can effectively prevent the hacker attacks and bank clerk crime, so that it is absolute to guarantee the legitimate rights and interests of bank users.

A secure and distributed framework for the management of patients’ information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients’ data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed. PMID:28362328

Recently the smart grid has been a hot issue in the research area. The Electric Vehicle (EV) is the most important component in the Smart Grid, having a role of the battery component with high capacity. We have thought how to introduce the EV in the housing development, and for proper operation of the smart grid systems in the housing area the authenticationsystem is essential for the individual houses. We propose an authenticationsystem to discriminate an individual houses, so that the account management component can appropriately operate the electrical charging and billing in the housing estate. The proposed system has an architecture to integrate the charging system outside a house and the monitoring system inside a house.

Full Text Available The objective of this experiment was to evaluate the effect of 2 feeding systems and 5 breeding groups on the growth performance, biometric features, and stomach morphology of feedlot goat kids. The experiment utilized gender as a randomized blocking factor in a 5 × 2 factorial scheme. The study goats were from the Alpine, Anglo-Nubian, 1/2 Boer x Alpine, 3/4 Boer x Alpine, and 7/8 Boer x Alpine breeds. Half of the goats were fed an experimental diet, whereas the other half were given the same diet supplemented with 1.5 L milk daily. The kids were slaughtered after they attained 30 kg body weight. The 1/2 Boer x Alpine goats showed superior growth performance because they exhibiting considerable heterosis. These animals are especially easy to use given that there is no need to maintain cross-bred females (½ Boer x Alpine e ¾ Boer x Alpine in the flock. Using milk in the feed the animals does not adversely affect growth performance or biometric features. Moreover, it helps to reduce the total weight of the stomach and leads to a 51.39% savings on feed. Dietary supplementation of milk in goat feed is recommended so long as there is excess milk available on the property.

International audience; Biometrics lack revocability and privacy while cryptography cannot detect the user's identity. By obtaining cryptographic keys using biometrics, one can achieve the properties such as revocability, assurance about user's identity, and privacy. In this paper, we propose a multi-biometric based cryptographic key regeneration scheme. Since left and right irises of a person are uncorrelated, we treat them as two independent biometrics and combine in our system. We propose ...

We use grip pattern based biometrics as a location limited channel to achieve pre-authentication in a protocol that sets up a secure cannel between two handheld devices. The protocol efficiently calculates a shared secret key from biometric data using quantization and cryptanalysis. The protocol is

In biometric recognition systems, biometric samples (images of faces, finger- prints, voices, gaits, etc.) of people are compared and classifiers (matchers) indicate the level of similarity between any pair of samples by a score. If two samples of the same person are compared, a genuine score is

A successful design, deployment and operation of biometricsystems depends highly on the results for existing biometrical technologies and components. These existing technologies as well as new solutions need to be evaluated on their performance. However it is often forgotten that the biometric

A succesful design, deployment and operation of biometricsystems depends highly on the results for existing biometrical technologies and components. These existing technologies as well as new solutions need to be evaluated on their performance. However it is often forgotten that the biometric

An authenticationsystem and method is presented for authenticating a first party to a second party, where an operation is performed on condition that the authentication succeeds. The authentication method verifies whether the first party is authenticated. If the first party is not authenticated,

This paper describes the design and implementation of an e-Health authentication architecture using smartcards and a PKI. This architecture was developed to authenticate e-Health Professionals accessing the RTS (Rede Telemática da Saúde), a regional platform for sharing clinical data among a set of affiliated health institutions. The architecture had to accommodate specific RTS requirements, namely the security of Professionals' credentials, the mobility of Professionals, and the scalability to accommodate new health institutions. The adopted solution uses short-lived certificates and cross-certification agreements between RTS and e-Health institutions for authenticating Professionals accessing the RTS. These certificates carry as well the Professional's role at their home institution for role-based authorization. Trust agreements between e-Health institutions and RTS are necessary in order to make the certificates recognized by the RTS. As a proof of concept, a prototype was implemented with Windows technology. The presented authentication architecture is intended to be applied to other medical telematic systems.

In telecare medicine information systems (TMIS), identity authentication of patients plays an important role and has been widely studied in the research field. Generally, it is realized by an authenticated key agreement protocol, and many such protocols were proposed in the literature. Recently, Zhang et al. pointed out that Islam et al.'s protocol suffers from the following security weaknesses: (1) Any legal but malicious patient can reveal other user's identity; (2) An attacker can launch off-line password guessing attack and the impersonation attack if the patient's identity is compromised. Zhang et al. also proposed an improved authenticated key agreement scheme with privacy protection for TMIS. However, in this paper, we point out that Zhang et al.'s scheme cannot resist off-line password guessing attack, and it fails to provide the revocation of lost/stolen smartcard. In order to overcome these weaknesses, we propose an improved protocol, the security and authentication of which can be proven using applied pi calculus based formal verification tool ProVerif.

We introduce the intraclass correlation coefficient (ICC) to the biometric community as an index of the temporal persistence, or stability, of a single biometric feature. It requires, as input, a feature on an interval or ratio scale, and which is reasonably normally distributed, and it can only be calculated if each subject is tested on 2 or more occasions. For a biometricsystem, with multiple features available for selection, the ICC can be used to measure the relative stability of each feature. We show, for 14 distinct data sets (1 synthetic, 8 eye-movement-related, 2 gait-related, and 2 face-recognition-related, and one brain-structure-related), that selecting the most stable features, based on the ICC, resulted in the best biometric performance generally. Analyses based on using only the most stable features produced superior Rank-1-Identification Rate (Rank-1-IR) performance in 12 of 14 databases (p = 0.0065, one-tailed), when compared to other sets of features, including the set of all features. For Equal Error Rate (EER), using a subset of only high-ICC features also produced superior performance in 12 of 14 databases (p = 0. 0065, one-tailed). In general, then, for our databases, prescreening potential biometric features, and choosing only highly reliable features yields better performance than choosing lower ICC features or than choosing all features combined. We also determined that, as the ICC of a group of features increases, the median of the genuine similarity score distribution increases and the spread of this distribution decreases. There was no statistically significant similar relationships for the impostor distributions. We believe that the ICC will find many uses in biometric research. In case of the eye movement-driven biometrics, the use of reliable features, as measured by ICC, allowed to us achieve the authentication performance with EER = 2.01%, which was not possible before. PMID:28575030

This book presents different methods for analyzing the body language (movement, position, use of personal space, silences, pauses and tone, the eyes, pupil dilation or constriction, smiles, body temperature and the like) for better understanding people’s needs and actions, including biometric data gathering and reading. Different studies described in this book indicate that sufficiently much data, information and knowledge can be gained by utilizing biometric technologies. This is the first, wide-ranging book that is devoted completely to the area of intelligent decision support systems, biometrics technologies and their integrations. This book is designated for scholars, practitioners and doctoral and master’s degree students in various areas and those who are interested in the latest biometric and intelligent decision making support problems and means for their resolutions, biometric and intelligent decision making support systems and the theory and practice of their integration and the opportunities fo...

A theoretical result relating the maximum achievable security of the family of biometric template protection systems known as key-binding systems to the recognition performance of a biometric recognition system that is optimal in Neyman-Pearson sense is derived. The relation allows for the

Securing electronic health records, in scenarios in which the provision of care services is share among multiple actors, could become a complex and costly activity. Correct identification of patients and physician, protection of privacy and confidentiality, assignment of access permissions for healthcare providers and resolutions of conflicts rise as main points of concern in the development of interconnected health information networks. Biometric technologies have been proposed as a possible technological solution for these issues due to its ability to provide a mechanism for unique verification of an individual identity. This paper presents an analysis of the benefit as well as disadvantages offered by biometric technology. A comparison between this technology and more traditional identification methods is used to determine the key benefits and flaws of the use biometric in health information systems. The comparison as been made considering the viability of the technologies for medical environments, global security needs, the contemplation of a share care environment and the costs involved in the implementation and maintenance of such technologies. This paper also discusses alternative uses for biometrics technologies in health care environments. The outcome of this analysis lays in the fact that even when biometric technologies offer several advantages over traditional method of identification, they are still in the early stages of providing a suitable solution for a health care environment.

Sensor networks have opened up new opportunities in healthcare systems, which can transmit patient's condition to health professional's hand-held devices in time. The patient's physiological signals are very sensitive and the networks are extremely vulnerable to many attacks. It must be ensured that patient's privacy is not exposed to unauthorized entities. Therefore, the control of access to healthcare systems has become a crucial challenge. An efficient and secure authentication protocol will thus be needed in wireless medical sensor networks. In this paper, we propose a certificateless authentication scheme without bilinear pairing while providing patient anonymity. Compared with other related protocols, the proposed scheme needs less computation and communication cost and preserves stronger security. Our performance evaluations show that this protocol is more practical for healthcare system in wireless medical sensor networks. PMID:23710147

Information technology has been widely promoted in the healthcare sector to improve current practice and patient safety. However, end users are seldom involved extensively in the design and development of healthcare systems, with lip service often paid to the idea of true user involvement. In this case study the impact of sustained authentic user participation was explored using an interdisciplinary team, consisting of experts both in interaction and healthcare design and consultant anaesthetists, nurses, and pharmacists, to create an electronic prescribing and administration system. This paper details the interface that was created and provides examples of the way in which the design evolved in response to the sustained authentic user participation methods. The working prototype both reduced the opportunity for user error and was preferred by its users to the existing manual system.

Biometric hashing is a cancelable biometric verification method that has received research interest recently. This method can be considered as a two-factor authentication method which combines a personal password (or secret key) with a biometric to obtain a secure binary template which is used for authentication. We present novel practical security and privacy attacks against biometric hashing when the attacker is assumed to know the user's password in order to quantify the additional protection due to biometrics when the password is compromised. We present four methods that can reconstruct a biometric feature and/or the image from a hash and one method which can find the closest biometric data (i.e., face image) from a database. Two of the reconstruction methods are based on 1-bit compressed sensing signal reconstruction for which the data acquisition scenario is very similar to biometric hashing. Previous literature introduced simple attack methods, but we show that we can achieve higher level of security threats using compressed sensing recovery techniques. In addition, we present privacy attacks which reconstruct a biometric image which resembles the original image. We quantify the performance of the attacks using detection error tradeoff curves and equal error rates under advanced attack scenarios. We show that conventional biometric hashing methods suffer from high security and privacy leaks under practical attacks, and we believe more advanced hash generation methods are necessary to avoid these attacks.

This book showcases new and innovative approaches to biometric data capture and analysis, focusing especially on those that are characterized by non-intrusiveness, reliable prediction algorithms, and high user acceptance. It comprises the peer-reviewed papers from the international workshop on the subject that was held in Ancona, Italy, in October 2014 and featured sessions on ICT for health care, biometric data in automotive and home applications, embedded systems for biometric data analysis, biometric data analysis: EMG and ECG, and ICT for gait analysis. The background to the book is the challenge posed by the prevention and treatment of common, widespread chronic diseases in modern, aging societies. Capture of biometric data is a cornerstone for any analysis and treatment strategy. The latest advances in sensor technology allow accurate data measurement in a non-intrusive way, and in many cases it is necessary to provide online monitoring and real-time data capturing to support a patient’s prevention pl...

management. BIOID 2008. The papers are categorized in four classes. These classes represent the 4 working groups of the COST Action 2101. For more information, see http://www.cost2101.org/. Biometric data quality and multimodal biometric templates, Unsupervised interactive interfaces for multimodal...... security and border control scenarios it is now apparent that the widespread availability of biometrics in everyday life will also spin out an ever increasing number of (private) applications in other domains. Crucial to this vision is the management of the user's identity, which does not only imply...... biometrics, Biometric attacks and countermeasures, Standards and privacy issues for biometrics in identity documents and smart cards. BIOID 2008 is an initiative of the COST Action 2101 on Biometrics for Identity Documents and Smart Cards. It is supported by the EU Framework 7 Programme. Other sponsors...

The Authenticated Tracking and Monitoring System (ATMS) is designed to answer the need for global monitoring of the status and location of proliferation-sensitive items on a worldwide basis, 24 hours a day. ATMS uses wireless sensor packs to monitor the status of the items within the shipment and surrounding environmental conditions. Receiver and processing units collect a variety of sensor event data that is integrated with GPS tracking data. The collected data are transmitted to the International Maritime Satellite (INMARSAT) communication system, which then sends the data to mobile ground stations. Authentication and encryption algorithms secure the data during communication activities. A typical ATMS application would be to track and monitor the stiety and security of a number of items in transit along a scheduled shipping route. The resulting tracking, timing, and status information could then be processed to ensure compliance with various agreements

Telecare medical information systems (TMIS), with the explosive growth of communication technology and physiological monitoring devices, are applied increasingly to enable and support healthcare delivery services. In order to safeguard patients' privacy and tackle the illegal access, authentication schemes for TMIS have been investigated and designed by many researchers. Many of them are promising for adoption in practice, nevertheless, they still have security flaws. In this paper, we propose a novel remote authentication scheme for TMIS using self-certified public keys, which is formally secure in the ID-mBJM model. Besides, the proposed scheme has better computational efficiency. Compared to the related schemes, our protocol is more practical for telemedicine system.

This paper presents a bi-modal (face and speech) authentication demonstration system that simulates the login of a user using its face and its voice. This demonstration is called BioLogin. It runs both on Linux and Windows and the Windows version is freely available for download. Bio\\-Login is implemented using an open source machine learning library and its machine vision package.

Full Text Available While mobile hosts are evolving into full-IP enabled devices, there is a greater demand to provide a more flexible, reconfigurable, and scalable security mechanism in mobile communication systems beyond 3G (B3G. Work has already begun on such an all-IP end-to-end solution, commonly referred to as 4G systems. Fully fledged integration between heterogeneous networks, such as 2.5G, UMTS, WLAN, Bluetooth, and the Internet, demands fully compatible, time-tested, and reliable mechanisms to depend on. SSL protocol has proved its effectiveness in the wired Internet and it will probably be the most promising candidate for future wireless environments. In this paper, we discuss existing problems related to authentication and key agreement (AKA procedures, such as compromised authentication vectors attacks, as they appear in current 2/2.5G/3G mobile communication systems, and propose how SSL, combined with public key infrastructure (PKI elements, can be used to overcome these vulnerabilities. In this B3G environment, we perceive authentication as a service, which has to be performed at the higher protocol layers irrespective of the underlying network technology. Furthermore, we analyze the effectiveness of such a solution, based on measurements of a prototype implementation. Performance measurements indicate that SSL-based authentication can be possible in terms of service time in future wireless systems, while it can simultaneously provide both the necessary flexibility to network operators and a high level of confidence to end users.

Full Text Available The aim of the study is to increase the effectiveness of automated face recognition to authenticate identity, considering features of change of the face parameters over time. The improvement of the recognition accuracy, as well as consideration of the features of temporal changes in a human face can be based on the methodology of artificial neural networks. Hybrid neural networks, combining the advantages of classical neural networks and fuzzy logic systems, allow using the network learnability along with the explanation of the findings. The structural scheme of intelligent system for identification based on artificial neural networks is proposed in this work. It realizes the principles of digital information processing and identity recognition taking into account the forecast of key characteristics’ changes over time (e.g., due to aging. The structural scheme has a three-tier architecture and implements preliminary processing, recognition and identification of images obtained as a result of monitoring. On the basis of expert knowledge, the fuzzy base of products is designed. It allows assessing possible changes in key characteristics, used to authenticate identity based on the image. To take this possibility into consideration, a neuro-fuzzy network of ANFIS type was used, which implements the algorithm of Tagaki-Sugeno. The conducted experiments showed high efficiency of the developed neural network and a low value of learning errors, which allows recommending this approach for practical implementation. Application of the developed system of fuzzy production rules that allow predicting changes in individuals over time, will improve the recognition accuracy, reduce the number of authentication failures and improve the efficiency of information processing and decision-making in applications, such as authentication of bank customers, users of mobile applications, or in video monitoring systems of sensitive sites.

The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.

Full Text Available In this paper, we propose a novel approach to many-to-many user authentication in heterogeneous information systems. The described solution is based on the use of wireless keys – special devices that identify the user by transmitting the requested key information over a wireless network. The key feature of the proposed approach is noninteractive operating mode that allows to use a special encryption algorithm instead of two-way authentication. The algorithm is built on the basis of existing cryptographic primitives that prevents unauthorized system participants from getting access to the data of other users, even with physical access to the memory of the key. This approach does not require computational power or the battery on the key side and does not involve the user in the authentication process that allows implementing a method on passive NFC tags. To proof the concept, software implementation of the described system was developed and a qualitative comparison of the resulting solutions with existing analogues was conducted.

I work in the Flight Software Engineering Branch, where we provide design and development of embedded real-time software applications for flight and supporting ground systems to support the NASA Aeronautics and Space Programs. In addition, this branch evaluates, develops and implements new technologies for embedded real-time systems, and maintains a laboratory for applications of embedded technology. The majority of microchips that are used in modern society have been programmed using embedded technology. These small chips can be found in microwaves, calculators, home security systems, cell phones and more. My assignment this summer entails working with an iPAQ HP 5500 Pocket PC. This top-of-the-line hand-held device is one of the first mobile PC's to introduce biometric security capabilities. Biometric security, in this case a fingerprint authenticationsystem, is on the edge of technology as far as securing information. The benefits of fingerprint authentication are enormous. The most significant of them are that it is extremely difficult to reproduce someone else's fingerprint, and it is equally difficult to lose or forget your own fingerprint as opposed to a password or pin number. One of my goals for this summer is to integrate this technology with another Pocket PC application. The second task for the summer is to develop a simple application that provides an Astronaut EVA (Extravehicular Activity) Log Book capability. The Astronaut EVA Log Book is what an astronaut would use to report the status of field missions, crew physical health, successes, future plans, etc. My goal is to develop a user interface into which these data fields can be entered and stored. The applications that I am developing are created using eMbedded Visual C++ 4.0 with the Pocket PC 2003 Software Development Kit provided by Microsoft.

Fluid mixing in microchannels has many applications, and is particularly important in microfluidic systems for biochemistry and biomedical analysis, or for the production or organic compounds in microreactors. Micromixer development should take into consideration a simple system design with a high mixing efficiency and effective techniques for examining mixing efficiency. Mechanical stirring methods are not suitable for fluid mixing in microchannels because the flow inside microchannels is predominantly laminar and the Reynolds numbers are usually lower than 10. Improving the flexibility and performance of microfluidic systems by incorporating different processes such as fluid handling and fluid motion that cause rapid mixing on micro scale can be challenging. To achieve optimal mixing, an efficient micromixer usually involves complex 3-dimensional geometries which are used to enhance the fluid lamination, stretching and folding. In this study, a biometric concept imitated from distribution of human blood vessel was applied to passive micromixers to promote mixing efficiency. Microchannels of different widths were used to construct the biometric structure. The main advantages of the new design were a high mixing performance and lower pressure drop. Mixing performance was evaluated using a mixing index. The mixing efficiencies in the micromixer under different Reynolds numbers ranging from 1 to 10 were evaluated with a 370 {mu}m device. The main mixing mechanics in this type of passive micromixer was the convection effect. The 2D numerical results revealed that the mixing efficiency of the mixer was 0.876 at Reynolds ratio of 0.85. 9 refs., 3 tabs., 4 figs.

In this paper, a person authenticationsystem that can effectively identify individuals by generating unique electroencephalogram signal features in response to self-face and non-self-face photos is presented. In order to achieve a good stability performance, the sequence of self-face photo including first-occurrence position and non-first-occurrence position are taken into account in the serial occurrence of visual stimuli. In addition, a Fisher linear classification method and event-related potential technique for feature analysis is adapted to yield remarkably better outcomes than that by most of the existing methods in the field. The results have shown that the EEG-based person authentications via brain-computer interface can be considered as a suitable approach for biometricauthenticationsystem.

Telecare Medical Information System (TMIS) supports a standard platform to the patient for getting necessary medical treatment from the doctor(s) via Internet communication. Security protection is important for medical records (data) of the patients because of very sensitive information. Besides, patient anonymity is another most important property, which must be protected. Most recently, Chiou et al. suggested an authentication protocol for TMIS by utilizing the concept of cloud environment. They claimed that their protocol is patient anonymous and well security protected. We reviewed their protocol and found that it is completely insecure against patient anonymity. Further, the same protocol is not protected against mobile device stolen attack. In order to improve security level and complexity, we design a light weight authentication protocol for the same environment. Our security analysis ensures resilience of all possible security attacks. The performance of our protocol is relatively standard in comparison with the related previous research.

Telecare medical information systems (TMIS) enable healthcare delivery services. However, access of these services via public channel raises security and privacy issues. In recent years, several smart card based authentication schemes have been introduced to ensure secure and authorized communication between remote entities over the public channel for the (TMIS). We analyze the security of some of the recently proposed authentication schemes of Lin, Xie et al., Cao and Zhai, and Wu and Xu's for TMIS. Unfortunately, we identify that these schemes failed to satisfy desirable security attributes. In this article we briefly discuss four dynamic ID-based authentication schemes and demonstrate their failure to satisfy desirable security attributes. The study is aimed to demonstrate how inefficient password change phase can lead to denial of server scenario for an authorized user, and how an inefficient login phase causes the communication and computational overhead and decrease the performance of the system. Moreover, we show the vulnerability of Cao and Zhai's scheme to known session specific temporary information attack, vulnerability of Wu and Xu's scheme to off-line password guessing attack, and vulnerability of Xie et al.'s scheme to untraceable on-line password guessing attack.

Currently, there is a demand within distance education of control mechanisms for verifying the identity of students when conducting activities within virtual classrooms. Biometricauthentication is one of the tools to meet this demand and prevent fraud. In this line of research, the present work is aimed at analyzing the perceptions of a group of…

Recently the electrocardiogram (ECG) has been proposed as a novel biometric. This paper aims to construct a reliable ECG verification system, in terms of privacy protection. To this end, an improved expression to estimate the capacity in the autocorrelation (AC) of the ECG is derived, which not only

Recently, the need for more secure identity verification systems has driven researchers to explore other sources of biometrics. This includes iris patterns, palm print, hand geometry, facial recognition, and movement patterns (hand motion, gait, and eye movements). Identity verification systems may benefit from the complexity of human movement that integrates multiple levels of control (neural, muscular, and kinematic). Using principal component analysis, we extracted spatiotemporal hand synergies (movement synergies) from an object grasping dataset to explore their use as a potential biometric. These movement synergies are in the form of joint angular velocity profiles of 10 joints. We explored the effect of joint type, digit, number of objects, and grasp type. In its best configuration, movement synergies achieved an equal error rate of 8.19%. While movement synergies can be integrated into an identity verification system with motion capture ability, we also explored a camera-ready version of hand synergies-postural synergies. In this proof of concept system, postural synergies performed well, but only when specific postures were chosen. Based on these results, hand synergies show promise as a potential biometric that can be combined with other hand-based biometrics for improved security.

Full Text Available Recently, the need for more secure identity verification systems has driven researchers to explore other sources of biometrics. This includes iris patterns, palm print, hand geometry, facial recognition, and movement patterns (hand motion, gait, and eye movements. Identity verification systems may benefit from the complexity of human movement that integrates multiple levels of control (neural, muscular, and kinematic. Using principal component analysis, we extracted spatiotemporal hand synergies (movement synergies from an object grasping dataset to explore their use as a potential biometric. These movement synergies are in the form of joint angular velocity profiles of 10 joints. We explored the effect of joint type, digit, number of objects, and grasp type. In its best configuration, movement synergies achieved an equal error rate of 8.19%. While movement synergies can be integrated into an identity verification system with motion capture ability, we also explored a camera-ready version of hand synergies—postural synergies. In this proof of concept system, postural synergies performed well, but only when specific postures were chosen. Based on these results, hand synergies show promise as a potential biometric that can be combined with other hand-based biometrics for improved security.

The Message verification remains some of the best actual methods for prevent the illegal and dis honored communication after presence progressed to WSNs (Wireless Sensor Networks). Intend for this purpose, several message verification systems must stand established, created on both symmetric key cryptography otherwise public key cryptosystems. Best of them will have some limits for great computational then statement above in count of deficiency of climb ability then flexibility in node settlement occurrence. In a polynomial based system was newly presented for these problems. Though, this system then situations delay will must the dimness of integral limitation firm in the point of polynomial: once the amount of message transferred remains the greater than the limitation then the opponent will completely improve the polynomial approaches. This paper suggests using ECC (Elliptic Curve Cryptography). Though using the node verification the technique in this paper permits some nodes to transfer a limitless amount of messages lacking misery in the limit problem. This system will have the message cause secrecy. Equally theoretic study then model effects show our planned system will be effective than the polynomial based method in positions of calculation then statement above in privacy points though message basis privacy.

Full Text Available In modern day technology, the Information Society is at risk. Passwords are a multi-user computer systems usual first line of defence against intrusion. A password may be textual with any combination of alphanumeric characters or biometric or 3-D. But no authentication protocol is fully secured against todays hackers as all of them are Static in type. Dynamic authentication protocol is still a theoretical concept. In this paper, we are focusing on a concept of authentication technique which is actually dynamic in genre, i.e. the password here will change in t time (where t is as small as possible. This technique comprises of both hardware and software part. In this paper, we have covered the idea of generating an efficient algorithm that can work as the final in the Dynamic Password Authenticationsystem. We have used standard deviation within statistics to generalize the possible password which is further secured by Feistel Block Cipher and Advanced Encryption Standard technique (AES, leading and following the said mathematics respectively. In order to allow the system to create variable password in the least time interval possible, we must make sure our process is not much complex.

total weaponi-upport system or its components. The cost f a program element is divided: (1) re.tearch quantity of buy wili include end items igenerally ...and aircraft support such actions as: (1) I)iscontinuing in-puts to the equipment to be mintminei. IGenerally , tn( higher maintenance facilit is: (2

Telecare medicine information systems (TMISs) aim to deliver appropriate healthcare services in an efficient and secure manner to patients. A secure mechanism for authentication and key agreement is required to provide proper security in these systems. Recently, Bin Muhaya demonstrated some security weaknesses of Zhu's authentication and key agreement scheme and proposed a security enhanced authentication and key agreement scheme for TMISs. However, we show that Bin Muhaya's scheme is vulnerable to off-line password guessing attacks and does not provide perfect forward secrecy. Furthermore, in order to overcome the mentioned weaknesses, we propose a new two-factor anonymous authentication and key agreement scheme using the elliptic curve cryptosystem. Security and performance analyses demonstrate that the proposed scheme not only overcomes the weaknesses of Bin Muhaya's scheme, but also is about 2.73 times faster than Bin Muhaya's scheme.

The telecare medical information systems (TMISs) support convenient and rapid health-care services. A secure and efficient authentication scheme for TMIS provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Kumari et al. proposed a password based user authentication scheme using smart cards for TMIS, and claimed that the proposed scheme could resist various malicious attacks. However, we point out that their scheme is still vulnerable to lost smart card and cannot provide forward secrecy. Subsequently, Das and Goswami proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. They simulated their scheme for the formal security verification using the widely-accepted automated validation of Internet security protocols and applications (AVISPA) tool to ensure that their scheme is secure against passive and active attacks. However, we show that their scheme is still vulnerable to smart card loss attacks and cannot provide forward secrecy property. The proposed cryptanalysis discourages any use of the two schemes under investigation in practice and reveals some subtleties and challenges in designing this type of schemes.

This paper reports on the development of a rapid and simple method for red wine authenticity confirmation during transport and processing; namely, a wine "fingerprinting" system. When wine is transported between two sites, a sample is taken and a mid-infrared (MIR) spectrum is obtained. One hundred sixty-one (n = 161) samples of three main red wine varieties grown in Australia, Shiraz, Cabernet Sauvignon, and Merlot, were collected from six commercial wineries across Australia and scanned in transmission on two MIR spectrophotometers located at The Hardy Wine Company's main site at Reynella, South Australia (Foss WineScan FT 120) (926-5012 cm-1). A similarity index (SI) method was used as a tool to classify wine samples on the basis of their spectral data. The results showed that high rates of classification were obtained when wine samples scanned in different instruments were analyzed. The SI has been proven to provide an acceptable measurement for authentication of red wine integrity during transportation. In five of the six winery data sets, the SI correctly classified 98% of the wines. It was also observed that less than 1% of wines were misclassified between the different wineries investigated. Further studies are needed in order to test the applicability of the SI in a commercial situation and to evaluate its potential as a rapid quality control tool for routine use to authenticate wine samples during transport.

Secure user authentication schemes in many e-Healthcare applications try to prevent unauthorized users from intruding the e-Healthcare systems and a remote user and a medical server can establish session keys for securing the subsequent communications. However, many schemes does not mask the users' identity information while constructing a login session between two or more parties, even though personal privacy of users is a significant topic for e-Healthcare systems. In order to preserve personal privacy of users, dynamic identity based authentication schemes are hiding user's real identity during the process of network communications and only the medical server knows login user's identity. In addition, most of the existing dynamic identity based authentication schemes ignore the inputs verification during login condition and this flaw may subject to inefficiency in the case of incorrect inputs in the login phase. Regarding the use of secure authentication mechanisms for e-Healthcare systems, this paper presents a new dynamic identity and chaotic maps based authentication scheme and a secure data protection approach is employed in every session to prevent illegal intrusions. The proposed scheme can not only quickly detect incorrect inputs during the phases of login and password change but also can invalidate the future use of a lost/stolen smart card. Compared the functionality and efficiency with other authentication schemes recently, the proposed scheme satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for e-Healthcare systems.